SlideShare une entreprise Scribd logo

Sec 572 Effective Communication - tutorialrank.com

B
Bartholomew99

For more course tutorials visit www.tutorialrank.com SEC 572 Week 1 iLab Denial of Service Attacks In this lab, you will discover and analyze one of two different real network attacks. This will give you insight into the motivation, vulnerabilities, threats, and countermeasures associated with your selected network attack. There are two categories of network attacks you will be concerned with this week. The first is a network denial of service (DoS) attack, and the second is a targeted attack on a networ

Formation
1  sur  12
Télécharger pour lire hors ligne
SEC 572 Week 1 iLab Denial of Service Attacks For more course tutorials visit www.tutorialrank.com SEC 572 Week 1 iLab Denial of Service Attacks In this lab, you will discover and analyze one of two different real network attacks. This will give you insight into the motivation, vulnerabilities, threats, and countermeasures associated with your selected network attack. There are two categories of network attacks you will be concerned with this week. The first is a network denial of service (DoS) attack, and the second is a targeted attack on a network device connected to the network. You will also discover the distributed denial of service (DDoS) attack and you may use that one as well. The key difference between a DoS and a DDoS attack is that the DDoS attack is launched towards the target from numerous source locations. A botnet attack is an example of a DDoS attack. Your goal is to select a specific instance of one type of attack and provide a managerial-style awareness document. Assume that you are delivering your analysis to business or government managers who have a general understanding of network communications.
The reason for the choice of two different attacks is to allow you to select a broad or narrow focus for your work. This will also give you a high probability of discovering a very current attack. In general, the network denial of service attack may significantly diminish the network's ability to properly communicate. The result will be a loss of service, such as the inability to access a website's home page. The DoS attacks have ranged from a large global footprint to a specific target network endpoint. For example, the SQL slammer worm was a global DoS attack, lasting for days and requiring server modifications. In contrast, selected websites were shut down by hacker groups, such as the hacktivist collective Anonymous, requiring support from the ISPs and firewall vendors. The targeted attack on a network device can result in a DoS as well, but it uses the current network to deliver the destructive payload to the target system. For example, a SQL injection attack's target is the database server, with the Internet and the corporate network actually delivering the destructive payload to the target. Furthermore, this type of attack may leave the network functional because it uses it to propagate to other devices or uses the victim's network to launch other attacks. Each section of your report may require 1–6 sentences to properly address the topic. For example, the attack discovery and resolution dates will be one sentence, whereas the synopsis of the attack will require about six sentences. Your primary goal is to provide the reader valuable information about the attack. Lab Document Framework • Name of the attack • Attack discovery and resolution dates
• Synopsis of the attack • Vulnerable target(s) for the attack and likely victims • Probable motivation(s) of the attack • Probable creators of the attack • Deployment, propagation, or release strategy of the attack • Published countermeasures against the attack • Published recovery techniques used to return to normal operations after the attack • Recommended incident reporting measures • Citations and resources used in this report ============================================== SEC 572 Week 2 Network Security For more course tutorials visit www.tutorialrank.com SEC 572 Week 2 Network Security ==============================================
SEC 572 Week 3 iLab MD5 Best and Worst Use Cases For more course tutorials visit www.tutorialrank.com SEC 572 Week 3 iLab MD5 Best and Worst Use Cases In this lab, you will explore the best and worst use of a popular message digest algorithm. For this one, we shall focus on MD5, but all of this can be applied to the other ones, such as SHA-1. In the best use portion, you will discover and outline a specific implementation of the MD5 algorithm, where it provides high value and a very low security risk. In contrast, in the worst use portion, you will attempt to crack an MD5 hash (this is ethical hacking) and suggest a scenario where the worst use practice may actually be implemented. The reason for this lab is to give you an understanding of how cryptography can be properly and improperly used and how changes in technology may serve to weaken trusted cryptographic applications.
Best Use of MD5 or SHA-1: Outline a scenario where the MD5 or SHA- 1 algorithms are put to good and proper use. Start by stating what the algorithm does and give a use case where either MD5 or SHA-1 has a best fit condition. It is generally about 5–10 sentences. Ethical Hacking of MD5: Copy the following text into your lab document and fill in the blanks. MD5 Hash 1: 4eefef62c45d66f55d89c515d8352c5c Input was: _____ MD5 Hash 2: 5f4dcc3b5aa765d61d8327deb882cf99 Input was: _____ MD5 Hash 3: d6a6bc0db10694a2d90e3a69648f3a03 Input was: _____ Worst Use of MD5 or SHA-1: Outline a scenario where the MD5 or SHA-1 algorithms are put to poor or improper use. Start by stating what improper assumptions were made and how it did (or could) lead to a security compromise. It is generally about 5–10 sentences. Citations and Resources Used in This Report: Tell us where you received external guidance and ideas. If you have presented original ideas, then give yourself credit, and tell us why you believe it is correct. ============================================== SEC 572 Week 4 iLab Intrusion Detection Systems For more course tutorials visit
www.tutorialrank.com SEC 572 Week 4 iLab Intrusion Detection Systems Lab Document Framework The Target Network: Indicate the type of activities and data that it supports in a few sentences. For example, it is the website for an educational institution that holds personal academic and financial information, or it is the network used to control devices in a chemical plant. Use your imagination, but select something that is real and meaningful to you. The Protection System: Select one from the presented list (Step 2), or choose your own protection technology, if it is highly relevant. The Body of the Management Briefing Document: See the guidance in Step 3. It is generally about 4 to 10 paragraphs. Citations and Resources Used in this Report: Tell us where you received external guidance and ideas. If you have presented original ideas, then give yourself credit, and tell us why you believe it is correct. Step 1 Broadly outline the target network. Indicate the type of activities and data that it supports in a few sentences. Step 2
Select the protection system. Choose from one of the following. Intrusion detection system (IDS) Intrusion protection system (IPS) Research honeypot Active honeypot Offensive honeypot Step 3 Create a management briefing document that will inform senior decision makers about their options, vendors, products, relevant examples, and issues associated with your selected protection (from Step 2). If cost can be identified, then please include that information as well. It is generally about 4 to 10 paragraphs. In this lab, you will explore at least one IDS, IPS, or Honeypot currently offered by product vendors and cloud service providers. You will be making a security recommendation, related to the protection of a target network of your choice. There are a few different paths you may take in this lab, so let's address some of the distinguishing features and definitions that are out there. IDS and IPS Overview
An intrusion detection system (IDS) generally detects and logs known intrusions or anomalous network activity. Generally, no real-time protection actually occurs, therefore false-positives create little or no damage. Optionally, suspicious network traffic can be routed to an alternate network, such as a honeypot. An intrusion protection system (IPS) generally detects, logs, and then blocks known intrusions or anomalous network activity. False-positives are an issue and will result in a self-inflicted denial of service condition. Optionally, suspicious network traffic can be routed to an alternate network, such as a honeypot. Honeypot Overview Honeypots come in several broad categories. The most common labels we apply to them are research honeypots, active honeypots, and offensive honeypots. They are designed to do what their label suggests, and here is a brief summary. Note: Seek qualified legal advice before deploying any type of honeypot. Research honeypots generally collect and analyze data about the attacks against a decoy-network. They can also route the attacker to new decoy- networks, to gather more details about the potential attacks. The data gathered are used to understand the attacks and strengthen the potential target networks. Active honeypots have many of the features found in a research honeypot, but they also hold special content that, once taken by the attackers, can be used as evidence by investigators and law enforcement. For example, active honeypots may have database servers containing a fake bank account or credit card information.
Offensive honeypots are configured with many of the features of the active honeypots, with one interesting and dangerous addition: they are designed to damage the attacker. When used outside of your own network, this type of honeypot can result in vigilantism, attacks against false-targets, and may result in criminal charges against the honeypot operators. Offensive honeypots are not recommended for non-law- enforcement organizations. However, when used fully within your own network, this technique can detect and neutralize the attacker. Any of the above services can be implemented on a privately managed network, or through a cloud service. The selection of one platform over another will generally determine where the specific protection occurs— on your network or in the cloud. The reason for this lab is to give you an understanding of how special network technology can be used as a security research tool, while also providing varying degrees of protection. Each section will vary in size based on the requirements. Drive yourself to create a useful document for the direction you have selected. ============================================== SEC 572 Week 5 iLab VPN For more course tutorials visit
www.tutorialrank.com SEC 572 Week 5 iLab VPN Lab Document Framework • Potentially Acceptable VPN Solution:State the general characteristics of one solution that meets the security and user requirements. Name the vendor(s) and VPN services. It is generally about 3 sentences. • VPN Solution Overview:Outline the technical functionality and customer requirements of your first choice for a VPN service. This may take the form of a feature chart that is mapped to the requirements. Include any special conditions, limitations, or exceptions that exist. It is generally about 2 pages. • Network Design Illustration:Using a graphic illustration tool, such as Visio, document the logical design of your VPN solution. It is generally about 2 pages. • Citations and Resources Used in this Report:Tell us where you received external guidance and ideas. If you have presented original ideas, then give yourself credit and tell us why you believe it is correct. ==============================================
SEC 572 Week 6 iLab For more course tutorials visit www.tutorialrank.com SEC 572 iLab 6 Lab Document Framework • Requirements and Policies of the Secure Wireless Network:State the requirements and general security policies that will drive your design of a secure wireless network at the SOHO. It should be about 5–10 sentences or bullet points. • Secure Wireless Network Solution Overview:Outline the technical functionality and customer requirements of your secure wireless network. Tell us what the design can do. Include any special conditions, limitations, or exceptions that exist. It should be about 5–10 sentences or bullet points. • Secure Wireless Network Design Illustration:Using a graphic illustration tool, such as Visio, document the logical design of your secure wireless network design. It should be about two pages. • Citations and Resources Used in This Report:Tell us where you received external guidance and ideas. If you have presented original ideas, give yourself credit, and tell us why you believe it is correct.
During Week 2, you should have completed iLab 2 of 6: Best Practices for Securing a Wireless Network in a SOHO—The Policy Statement, Processes, and Procedures Guidelines. In this lab, you will explore, select, and justify the selection of a secure wireless network for that (iLab 2) SOHO environment. You shall actually identify the hardware and software needed to support the network security policies and user requirements. The reason for this lab is to allow you to experience the wireless network technology selection process while working with a typical set of requirements and the current industry offerings. Basic Wireless Network Requirements and Assumptions Consult your iLab 2 of 6: Best Practices for Securing a Wireless Network in a SOHO—The Policy Statement, Processes, and Procedures Guidelines for a foundation to your design requirements. Create your own user requirements that are reasonable and typical for a SOHO. ==============================================

Recommandé

SEC 572 Inspiring Innovation / tutorialrank.com
SEC 572 Inspiring Innovation / tutorialrank.comSEC 572 Inspiring Innovation / tutorialrank.com
SEC 572 Inspiring Innovation / tutorialrank.com
Bromleyz38
 
Sec 572 Enhance teaching / snaptutorial.com
Sec 572 Enhance teaching / snaptutorial.comSec 572 Enhance teaching / snaptutorial.com
Sec 572 Enhance teaching / snaptutorial.com
HarrisGeorg69
 
Sec 572 Education Specialist-snaptutorial.com
Sec 572 Education Specialist-snaptutorial.comSec 572 Education Specialist-snaptutorial.com
Sec 572 Education Specialist-snaptutorial.com
robertlesew79
 
Sec 572 Education Organization / snaptutorial.com
Sec 572 Education Organization / snaptutorial.comSec 572 Education Organization / snaptutorial.com
Sec 572 Education Organization / snaptutorial.com
Baileya109
 
Sec 572 Effective Communication / snaptutorial.com
Sec 572 Effective Communication / snaptutorial.comSec 572 Effective Communication / snaptutorial.com
Sec 572 Effective Communication / snaptutorial.com
Baileyabl
 
SEC 572 Entire Course NEW
SEC 572 Entire Course NEWSEC 572 Entire Course NEW
SEC 572 Entire Course NEW
shyamuopiv
 
encryption and hash algorithms
encryption and hash algorithmsencryption and hash algorithms
encryption and hash algorithms
CARMEN ALCIVAR
 
example of sql injection
example of sql injectionexample of sql injection
example of sql injection
CARMEN ALCIVAR
 

Recommandé

SEC 572 Inspiring Innovation / tutorialrank.com
SEC 572 Inspiring Innovation / tutorialrank.comSEC 572 Inspiring Innovation / tutorialrank.com
SEC 572 Inspiring Innovation / tutorialrank.com
Bromleyz38
 
Sec 572 Enhance teaching / snaptutorial.com
Sec 572 Enhance teaching / snaptutorial.comSec 572 Enhance teaching / snaptutorial.com
Sec 572 Enhance teaching / snaptutorial.com
HarrisGeorg69
 
Sec 572 Education Specialist-snaptutorial.com
Sec 572 Education Specialist-snaptutorial.comSec 572 Education Specialist-snaptutorial.com
Sec 572 Education Specialist-snaptutorial.com
robertlesew79
 
Sec 572 Education Organization / snaptutorial.com
Sec 572 Education Organization / snaptutorial.comSec 572 Education Organization / snaptutorial.com
Sec 572 Education Organization / snaptutorial.com
Baileya109
 
Sec 572 Effective Communication / snaptutorial.com
Sec 572 Effective Communication / snaptutorial.comSec 572 Effective Communication / snaptutorial.com
Sec 572 Effective Communication / snaptutorial.com
Baileyabl
 
SEC 572 Entire Course NEW
SEC 572 Entire Course NEWSEC 572 Entire Course NEW
SEC 572 Entire Course NEW
shyamuopiv
 
encryption and hash algorithms
encryption and hash algorithmsencryption and hash algorithms
encryption and hash algorithms
CARMEN ALCIVAR
 
example of sql injection
example of sql injectionexample of sql injection
example of sql injection
CARMEN ALCIVAR
 
IDSECCONF 2020 : A Tale Story of Building and Maturing Threat Hunting Program
IDSECCONF 2020 : A Tale Story of Building and Maturing Threat Hunting ProgramIDSECCONF 2020 : A Tale Story of Building and Maturing Threat Hunting Program
IDSECCONF 2020 : A Tale Story of Building and Maturing Threat Hunting Program
Digit Oktavianto
 
Packet capture and network traffic analysis
Packet capture and network traffic analysisPacket capture and network traffic analysis
Packet capture and network traffic analysis
CARMEN ALCIVAR
 
Reconnaissance not always about resources
Reconnaissance not always about resourcesReconnaissance not always about resources
Reconnaissance not always about resources
idsecconf
 
Applied machine learning defeating modern malicious documents
Applied machine learning defeating modern malicious documentsApplied machine learning defeating modern malicious documents
Applied machine learning defeating modern malicious documents
Priyanka Aash
 
AlienVault Brute Force Attacks- Keeping the Bots at Bay with AlienVault USM +...
AlienVault Brute Force Attacks- Keeping the Bots at Bay with AlienVault USM +...AlienVault Brute Force Attacks- Keeping the Bots at Bay with AlienVault USM +...
AlienVault Brute Force Attacks- Keeping the Bots at Bay with AlienVault USM +...
AlienVault
 
Applied cognitive security complementing the security analyst
Applied cognitive security complementing the security analyst Applied cognitive security complementing the security analyst
Applied cognitive security complementing the security analyst
Priyanka Aash
 
A tale story of building and maturing threat hunting program
A tale story of building and maturing threat hunting programA tale story of building and maturing threat hunting program
A tale story of building and maturing threat hunting program
idsecconf
 
Cyber Threat Hunting Training (CCTHP)
Cyber Threat Hunting Training (CCTHP)Cyber Threat Hunting Training (CCTHP)
Cyber Threat Hunting Training (CCTHP)
ENOInstitute
 
Threat Hunting with Splunk
Threat Hunting with SplunkThreat Hunting with Splunk
Threat Hunting with Splunk
Splunk
 
SPO2-T11_Automated-Prevention-of-Ransomware-with-Machine-Learning-and-GPOs
SPO2-T11_Automated-Prevention-of-Ransomware-with-Machine-Learning-and-GPOsSPO2-T11_Automated-Prevention-of-Ransomware-with-Machine-Learning-and-GPOs
SPO2-T11_Automated-Prevention-of-Ransomware-with-Machine-Learning-and-GPOs
Rod Soto
 
Databse Intrusion Detection Using Data Mining Approach
Databse Intrusion Detection Using Data Mining ApproachDatabse Intrusion Detection Using Data Mining Approach
Databse Intrusion Detection Using Data Mining Approach
Suraj Chauhan
 
Machine learning cybersecurity boon or boondoggle
Machine learning cybersecurity boon or boondoggleMachine learning cybersecurity boon or boondoggle
Machine learning cybersecurity boon or boondoggle
Priyanka Aash
 
Advances in cloud scale machine learning for cyber-defense
Advances in cloud scale machine learning for cyber-defenseAdvances in cloud scale machine learning for cyber-defense
Advances in cloud scale machine learning for cyber-defense
Priyanka Aash
 
Penetration and hacking training brief
Penetration and hacking training briefPenetration and hacking training brief
Penetration and hacking training brief
Bill Nelson
 
Hands on Security, Disrupting the Kill Chain, SplunkLive! Austin
Hands on Security, Disrupting the Kill Chain, SplunkLive! AustinHands on Security, Disrupting the Kill Chain, SplunkLive! Austin
Hands on Security, Disrupting the Kill Chain, SplunkLive! Austin
Splunk
 
Evasion Attack Detection using Adaboost Learning Classifier
Evasion Attack Detection using Adaboost Learning ClassifierEvasion Attack Detection using Adaboost Learning Classifier
Evasion Attack Detection using Adaboost Learning Classifier
IRJET Journal
 
Network Security Data Visualization
Network Security Data VisualizationNetwork Security Data Visualization
Network Security Data Visualization
amiable_indian
 
Cloudslam09:Building a Cloud Computing Analysis System for Intrusion Detection
Cloudslam09:Building a Cloud Computing Analysis System for Intrusion DetectionCloudslam09:Building a Cloud Computing Analysis System for Intrusion Detection
Cloudslam09:Building a Cloud Computing Analysis System for Intrusion Detection
Wei-Yu Chen
 
Luncheon 2016-07-16 - Topic 2 - Advanced Threat Hunting by Justin Falck
Luncheon 2016-07-16 - Topic 2 - Advanced Threat Hunting by Justin FalckLuncheon 2016-07-16 - Topic 2 - Advanced Threat Hunting by Justin Falck
Luncheon 2016-07-16 - Topic 2 - Advanced Threat Hunting by Justin Falck
North Texas Chapter of the ISSA
 
Secure Software Engineering
Secure Software EngineeringSecure Software Engineering
Secure Software Engineering
Rohitha Liyanagama
 
ScenarioSummaryIn this lab, you will explore at least one IDS, IP.docx
ScenarioSummaryIn this lab, you will explore at least one IDS, IP.docxScenarioSummaryIn this lab, you will explore at least one IDS, IP.docx
ScenarioSummaryIn this lab, you will explore at least one IDS, IP.docx
ronnasleightholm
 
Insight Brief: Security Analytics to Identify the 12 Indicators of Compromise
Insight Brief: Security Analytics to Identify the 12 Indicators of CompromiseInsight Brief: Security Analytics to Identify the 12 Indicators of Compromise
Insight Brief: Security Analytics to Identify the 12 Indicators of Compromise
21CT Inc.
 

Contenu connexe

Tendances

Packet capture and network traffic analysis
Packet capture and network traffic analysisPacket capture and network traffic analysis
Packet capture and network traffic analysis
CARMEN ALCIVAR
 
AlienVault Brute Force Attacks- Keeping the Bots at Bay with AlienVault USM +...
AlienVault Brute Force Attacks- Keeping the Bots at Bay with AlienVault USM +...AlienVault Brute Force Attacks- Keeping the Bots at Bay with AlienVault USM +...
AlienVault Brute Force Attacks- Keeping the Bots at Bay with AlienVault USM +...
AlienVault
 
Cyber Threat Hunting Training (CCTHP)
Cyber Threat Hunting Training (CCTHP)Cyber Threat Hunting Training (CCTHP)
Cyber Threat Hunting Training (CCTHP)
ENOInstitute
 
Threat Hunting with Splunk
Threat Hunting with SplunkThreat Hunting with Splunk
Threat Hunting with Splunk
Splunk
 
SPO2-T11_Automated-Prevention-of-Ransomware-with-Machine-Learning-and-GPOs
SPO2-T11_Automated-Prevention-of-Ransomware-with-Machine-Learning-and-GPOsSPO2-T11_Automated-Prevention-of-Ransomware-with-Machine-Learning-and-GPOs
SPO2-T11_Automated-Prevention-of-Ransomware-with-Machine-Learning-and-GPOs
Rod Soto
 
Cloudslam09:Building a Cloud Computing Analysis System for Intrusion Detection
Cloudslam09:Building a Cloud Computing Analysis System for Intrusion DetectionCloudslam09:Building a Cloud Computing Analysis System for Intrusion Detection
Cloudslam09:Building a Cloud Computing Analysis System for Intrusion Detection
Wei-Yu Chen
 

Tendances (20)

IDSECCONF 2020 : A Tale Story of Building and Maturing Threat Hunting Program
IDSECCONF 2020 : A Tale Story of Building and Maturing Threat Hunting ProgramIDSECCONF 2020 : A Tale Story of Building and Maturing Threat Hunting Program
IDSECCONF 2020 : A Tale Story of Building and Maturing Threat Hunting Program
 
Packet capture and network traffic analysis
Packet capture and network traffic analysisPacket capture and network traffic analysis
Packet capture and network traffic analysis
 
Reconnaissance not always about resources
Reconnaissance not always about resourcesReconnaissance not always about resources
Reconnaissance not always about resources
 
Applied machine learning defeating modern malicious documents
Applied machine learning defeating modern malicious documentsApplied machine learning defeating modern malicious documents
Applied machine learning defeating modern malicious documents
 
AlienVault Brute Force Attacks- Keeping the Bots at Bay with AlienVault USM +...
AlienVault Brute Force Attacks- Keeping the Bots at Bay with AlienVault USM +...AlienVault Brute Force Attacks- Keeping the Bots at Bay with AlienVault USM +...
AlienVault Brute Force Attacks- Keeping the Bots at Bay with AlienVault USM +...
 
Applied cognitive security complementing the security analyst
Applied cognitive security complementing the security analyst Applied cognitive security complementing the security analyst
Applied cognitive security complementing the security analyst
 
A tale story of building and maturing threat hunting program
A tale story of building and maturing threat hunting programA tale story of building and maturing threat hunting program
A tale story of building and maturing threat hunting program
 
Cyber Threat Hunting Training (CCTHP)
Cyber Threat Hunting Training (CCTHP)Cyber Threat Hunting Training (CCTHP)
Cyber Threat Hunting Training (CCTHP)
 
Threat Hunting with Splunk
Threat Hunting with SplunkThreat Hunting with Splunk
Threat Hunting with Splunk
 
SPO2-T11_Automated-Prevention-of-Ransomware-with-Machine-Learning-and-GPOs
SPO2-T11_Automated-Prevention-of-Ransomware-with-Machine-Learning-and-GPOsSPO2-T11_Automated-Prevention-of-Ransomware-with-Machine-Learning-and-GPOs
SPO2-T11_Automated-Prevention-of-Ransomware-with-Machine-Learning-and-GPOs
 
Databse Intrusion Detection Using Data Mining Approach
Databse Intrusion Detection Using Data Mining ApproachDatabse Intrusion Detection Using Data Mining Approach
Databse Intrusion Detection Using Data Mining Approach
 
Machine learning cybersecurity boon or boondoggle
Machine learning cybersecurity boon or boondoggleMachine learning cybersecurity boon or boondoggle
Machine learning cybersecurity boon or boondoggle
 
Advances in cloud scale machine learning for cyber-defense
Advances in cloud scale machine learning for cyber-defenseAdvances in cloud scale machine learning for cyber-defense
Advances in cloud scale machine learning for cyber-defense
 
Penetration and hacking training brief
Penetration and hacking training briefPenetration and hacking training brief
Penetration and hacking training brief
 
Hands on Security, Disrupting the Kill Chain, SplunkLive! Austin
Hands on Security, Disrupting the Kill Chain, SplunkLive! AustinHands on Security, Disrupting the Kill Chain, SplunkLive! Austin
Hands on Security, Disrupting the Kill Chain, SplunkLive! Austin
 
Evasion Attack Detection using Adaboost Learning Classifier
Evasion Attack Detection using Adaboost Learning ClassifierEvasion Attack Detection using Adaboost Learning Classifier
Evasion Attack Detection using Adaboost Learning Classifier
 
Network Security Data Visualization
Network Security Data VisualizationNetwork Security Data Visualization
Network Security Data Visualization
 
Cloudslam09:Building a Cloud Computing Analysis System for Intrusion Detection
Cloudslam09:Building a Cloud Computing Analysis System for Intrusion DetectionCloudslam09:Building a Cloud Computing Analysis System for Intrusion Detection
Cloudslam09:Building a Cloud Computing Analysis System for Intrusion Detection
 
Luncheon 2016-07-16 - Topic 2 - Advanced Threat Hunting by Justin Falck
Luncheon 2016-07-16 - Topic 2 - Advanced Threat Hunting by Justin FalckLuncheon 2016-07-16 - Topic 2 - Advanced Threat Hunting by Justin Falck
Luncheon 2016-07-16 - Topic 2 - Advanced Threat Hunting by Justin Falck
 
Secure Software Engineering
Secure Software EngineeringSecure Software Engineering
Secure Software Engineering
 

Similaire à Sec 572 Effective Communication - tutorialrank.com

ScenarioSummaryIn this lab, you will explore at least one IDS, IP.docx
ScenarioSummaryIn this lab, you will explore at least one IDS, IP.docxScenarioSummaryIn this lab, you will explore at least one IDS, IP.docx
ScenarioSummaryIn this lab, you will explore at least one IDS, IP.docx
ronnasleightholm
 
CMST&210 Pillow talk Position 1 Why do you think you may.docx
CMST&210 Pillow talk Position 1 Why do you think you may.docxCMST&210 Pillow talk Position 1 Why do you think you may.docx
CMST&210 Pillow talk Position 1 Why do you think you may.docx
mccormicknadine86
 
Include at least 250 words in your posting and at least 250 words in
Include at least 250 words in your posting and at least 250 words inInclude at least 250 words in your posting and at least 250 words in
Include at least 250 words in your posting and at least 250 words in
maribethy2y
 
THE METHOD OF DETECTING ONLINE PASSWORD ATTACKS BASED ON HIGH-LEVEL PROTOCOL ...
THE METHOD OF DETECTING ONLINE PASSWORD ATTACKS BASED ON HIGH-LEVEL PROTOCOL ...THE METHOD OF DETECTING ONLINE PASSWORD ATTACKS BASED ON HIGH-LEVEL PROTOCOL ...
THE METHOD OF DETECTING ONLINE PASSWORD ATTACKS BASED ON HIGH-LEVEL PROTOCOL ...
IJCNCJournal
 
Appsec2013 assurance tagging-robert martin
Appsec2013 assurance tagging-robert martinAppsec2013 assurance tagging-robert martin
Appsec2013 assurance tagging-robert martin
drewz lin
 
Are you ready for the next attack? reviewing the sp security checklist (apnic...
Are you ready for the next attack? reviewing the sp security checklist (apnic...Are you ready for the next attack? reviewing the sp security checklist (apnic...
Are you ready for the next attack? reviewing the sp security checklist (apnic...
Barry Greene
 

Similaire à Sec 572 Effective Communication - tutorialrank.com (20)

ScenarioSummaryIn this lab, you will explore at least one IDS, IP.docx
ScenarioSummaryIn this lab, you will explore at least one IDS, IP.docxScenarioSummaryIn this lab, you will explore at least one IDS, IP.docx
ScenarioSummaryIn this lab, you will explore at least one IDS, IP.docx
 
Insight Brief: Security Analytics to Identify the 12 Indicators of Compromise
Insight Brief: Security Analytics to Identify the 12 Indicators of CompromiseInsight Brief: Security Analytics to Identify the 12 Indicators of Compromise
Insight Brief: Security Analytics to Identify the 12 Indicators of Compromise
 
CMST&210 Pillow talk Position 1 Why do you think you may.docx
CMST&210 Pillow talk Position 1 Why do you think you may.docxCMST&210 Pillow talk Position 1 Why do you think you may.docx
CMST&210 Pillow talk Position 1 Why do you think you may.docx
 
Network Security
Network SecurityNetwork Security
Network Security
 
Web Attack Survival Guide
Web Attack Survival GuideWeb Attack Survival Guide
Web Attack Survival Guide
 
Include at least 250 words in your posting and at least 250 words in
Include at least 250 words in your posting and at least 250 words inInclude at least 250 words in your posting and at least 250 words in
Include at least 250 words in your posting and at least 250 words in
 
Trial Course - CertMaster Learn and CertMaster Labs for Security+ (Exam SY0-6...
Trial Course - CertMaster Learn and CertMaster Labs for Security+ (Exam SY0-6...Trial Course - CertMaster Learn and CertMaster Labs for Security+ (Exam SY0-6...
Trial Course - CertMaster Learn and CertMaster Labs for Security+ (Exam SY0-6...
 
security onion
security onionsecurity onion
security onion
 
Honeypot Essentials
Honeypot EssentialsHoneypot Essentials
Honeypot Essentials
 
Cst 630 Extraordinary Success/newtonhelp.com
Cst 630 Extraordinary Success/newtonhelp.comCst 630 Extraordinary Success/newtonhelp.com
Cst 630 Extraordinary Success/newtonhelp.com
 
Cst 630 Education is Power/newtonhelp.com
Cst 630 Education is Power/newtonhelp.comCst 630 Education is Power/newtonhelp.com
Cst 630 Education is Power/newtonhelp.com
 
Cst 630 Motivated Minds/newtonhelp.com
Cst 630 Motivated Minds/newtonhelp.comCst 630 Motivated Minds/newtonhelp.com
Cst 630 Motivated Minds/newtonhelp.com
 
Vulnerability threat and attack
Vulnerability threat and attackVulnerability threat and attack
Vulnerability threat and attack
 
THE METHOD OF DETECTING ONLINE PASSWORD ATTACKS BASED ON HIGH-LEVEL PROTOCOL ...
THE METHOD OF DETECTING ONLINE PASSWORD ATTACKS BASED ON HIGH-LEVEL PROTOCOL ...THE METHOD OF DETECTING ONLINE PASSWORD ATTACKS BASED ON HIGH-LEVEL PROTOCOL ...
THE METHOD OF DETECTING ONLINE PASSWORD ATTACKS BASED ON HIGH-LEVEL PROTOCOL ...
 
Cyber Defense Forensic Analyst - Real World Hands-on Examples
Cyber Defense Forensic Analyst - Real World Hands-on ExamplesCyber Defense Forensic Analyst - Real World Hands-on Examples
Cyber Defense Forensic Analyst - Real World Hands-on Examples
 
Appsec2013 assurance tagging-robert martin
Appsec2013 assurance tagging-robert martinAppsec2013 assurance tagging-robert martin
Appsec2013 assurance tagging-robert martin
 
Nt2580 Unit 7 Chapter 12
Nt2580 Unit 7 Chapter 12Nt2580 Unit 7 Chapter 12
Nt2580 Unit 7 Chapter 12
 
Certified Ethical Hacking
Certified Ethical HackingCertified Ethical Hacking
Certified Ethical Hacking
 
Are you ready for the next attack? Reviewing the SP Security Checklist
Are you ready for the next attack? Reviewing the SP Security ChecklistAre you ready for the next attack? Reviewing the SP Security Checklist
Are you ready for the next attack? Reviewing the SP Security Checklist
 
Are you ready for the next attack? reviewing the sp security checklist (apnic...
Are you ready for the next attack? reviewing the sp security checklist (apnic...Are you ready for the next attack? reviewing the sp security checklist (apnic...
Are you ready for the next attack? reviewing the sp security checklist (apnic...
 

Dernier

1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
QucHHunhnh
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf
QucHHunhnh
 
Seal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptxSeal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptx
negromaestrong
 
Making and Justifying Mathematical Decisions.pdf
Making and Justifying Mathematical Decisions.pdfMaking and Justifying Mathematical Decisions.pdf
Making and Justifying Mathematical Decisions.pdf
Chris Hunter
 

Dernier (20)

INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptxINDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy Consulting
 
Unit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptxUnit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptx
 
Unit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxUnit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptx
 
Measures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDMeasures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SD
 
ICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptxICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptx
 
Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..
 
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
 
Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impact
 
SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...
SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...
SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...
 
Z Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphZ Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot Graph
 
Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"
 
Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf
 
Seal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptxSeal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptx
 
Making and Justifying Mathematical Decisions.pdf
Making and Justifying Mathematical Decisions.pdfMaking and Justifying Mathematical Decisions.pdf
Making and Justifying Mathematical Decisions.pdf
 
Application orientated numerical on hev.ppt
Application orientated numerical on hev.pptApplication orientated numerical on hev.ppt
Application orientated numerical on hev.ppt
 

Sec 572 Effective Communication - tutorialrank.com

  • 1. SEC 572 Week 1 iLab Denial of Service Attacks For more course tutorials visit www.tutorialrank.com SEC 572 Week 1 iLab Denial of Service Attacks In this lab, you will discover and analyze one of two different real network attacks. This will give you insight into the motivation, vulnerabilities, threats, and countermeasures associated with your selected network attack. There are two categories of network attacks you will be concerned with this week. The first is a network denial of service (DoS) attack, and the second is a targeted attack on a network device connected to the network. You will also discover the distributed denial of service (DDoS) attack and you may use that one as well. The key difference between a DoS and a DDoS attack is that the DDoS attack is launched towards the target from numerous source locations. A botnet attack is an example of a DDoS attack. Your goal is to select a specific instance of one type of attack and provide a managerial-style awareness document. Assume that you are delivering your analysis to business or government managers who have a general understanding of network communications.
  • 2. The reason for the choice of two different attacks is to allow you to select a broad or narrow focus for your work. This will also give you a high probability of discovering a very current attack. In general, the network denial of service attack may significantly diminish the network's ability to properly communicate. The result will be a loss of service, such as the inability to access a website's home page. The DoS attacks have ranged from a large global footprint to a specific target network endpoint. For example, the SQL slammer worm was a global DoS attack, lasting for days and requiring server modifications. In contrast, selected websites were shut down by hacker groups, such as the hacktivist collective Anonymous, requiring support from the ISPs and firewall vendors. The targeted attack on a network device can result in a DoS as well, but it uses the current network to deliver the destructive payload to the target system. For example, a SQL injection attack's target is the database server, with the Internet and the corporate network actually delivering the destructive payload to the target. Furthermore, this type of attack may leave the network functional because it uses it to propagate to other devices or uses the victim's network to launch other attacks. Each section of your report may require 1–6 sentences to properly address the topic. For example, the attack discovery and resolution dates will be one sentence, whereas the synopsis of the attack will require about six sentences. Your primary goal is to provide the reader valuable information about the attack. Lab Document Framework • Name of the attack • Attack discovery and resolution dates
  • 3. • Synopsis of the attack • Vulnerable target(s) for the attack and likely victims • Probable motivation(s) of the attack • Probable creators of the attack • Deployment, propagation, or release strategy of the attack • Published countermeasures against the attack • Published recovery techniques used to return to normal operations after the attack • Recommended incident reporting measures • Citations and resources used in this report ============================================== SEC 572 Week 2 Network Security For more course tutorials visit www.tutorialrank.com SEC 572 Week 2 Network Security ==============================================
  • 4. SEC 572 Week 3 iLab MD5 Best and Worst Use Cases For more course tutorials visit www.tutorialrank.com SEC 572 Week 3 iLab MD5 Best and Worst Use Cases In this lab, you will explore the best and worst use of a popular message digest algorithm. For this one, we shall focus on MD5, but all of this can be applied to the other ones, such as SHA-1. In the best use portion, you will discover and outline a specific implementation of the MD5 algorithm, where it provides high value and a very low security risk. In contrast, in the worst use portion, you will attempt to crack an MD5 hash (this is ethical hacking) and suggest a scenario where the worst use practice may actually be implemented. The reason for this lab is to give you an understanding of how cryptography can be properly and improperly used and how changes in technology may serve to weaken trusted cryptographic applications.
  • 5. Best Use of MD5 or SHA-1: Outline a scenario where the MD5 or SHA- 1 algorithms are put to good and proper use. Start by stating what the algorithm does and give a use case where either MD5 or SHA-1 has a best fit condition. It is generally about 5–10 sentences. Ethical Hacking of MD5: Copy the following text into your lab document and fill in the blanks. MD5 Hash 1: 4eefef62c45d66f55d89c515d8352c5c Input was: _____ MD5 Hash 2: 5f4dcc3b5aa765d61d8327deb882cf99 Input was: _____ MD5 Hash 3: d6a6bc0db10694a2d90e3a69648f3a03 Input was: _____ Worst Use of MD5 or SHA-1: Outline a scenario where the MD5 or SHA-1 algorithms are put to poor or improper use. Start by stating what improper assumptions were made and how it did (or could) lead to a security compromise. It is generally about 5–10 sentences. Citations and Resources Used in This Report: Tell us where you received external guidance and ideas. If you have presented original ideas, then give yourself credit, and tell us why you believe it is correct. ============================================== SEC 572 Week 4 iLab Intrusion Detection Systems For more course tutorials visit
  • 6. www.tutorialrank.com SEC 572 Week 4 iLab Intrusion Detection Systems Lab Document Framework The Target Network: Indicate the type of activities and data that it supports in a few sentences. For example, it is the website for an educational institution that holds personal academic and financial information, or it is the network used to control devices in a chemical plant. Use your imagination, but select something that is real and meaningful to you. The Protection System: Select one from the presented list (Step 2), or choose your own protection technology, if it is highly relevant. The Body of the Management Briefing Document: See the guidance in Step 3. It is generally about 4 to 10 paragraphs. Citations and Resources Used in this Report: Tell us where you received external guidance and ideas. If you have presented original ideas, then give yourself credit, and tell us why you believe it is correct. Step 1 Broadly outline the target network. Indicate the type of activities and data that it supports in a few sentences. Step 2
  • 7. Select the protection system. Choose from one of the following. Intrusion detection system (IDS) Intrusion protection system (IPS) Research honeypot Active honeypot Offensive honeypot Step 3 Create a management briefing document that will inform senior decision makers about their options, vendors, products, relevant examples, and issues associated with your selected protection (from Step 2). If cost can be identified, then please include that information as well. It is generally about 4 to 10 paragraphs. In this lab, you will explore at least one IDS, IPS, or Honeypot currently offered by product vendors and cloud service providers. You will be making a security recommendation, related to the protection of a target network of your choice. There are a few different paths you may take in this lab, so let's address some of the distinguishing features and definitions that are out there. IDS and IPS Overview
  • 8. An intrusion detection system (IDS) generally detects and logs known intrusions or anomalous network activity. Generally, no real-time protection actually occurs, therefore false-positives create little or no damage. Optionally, suspicious network traffic can be routed to an alternate network, such as a honeypot. An intrusion protection system (IPS) generally detects, logs, and then blocks known intrusions or anomalous network activity. False-positives are an issue and will result in a self-inflicted denial of service condition. Optionally, suspicious network traffic can be routed to an alternate network, such as a honeypot. Honeypot Overview Honeypots come in several broad categories. The most common labels we apply to them are research honeypots, active honeypots, and offensive honeypots. They are designed to do what their label suggests, and here is a brief summary. Note: Seek qualified legal advice before deploying any type of honeypot. Research honeypots generally collect and analyze data about the attacks against a decoy-network. They can also route the attacker to new decoy- networks, to gather more details about the potential attacks. The data gathered are used to understand the attacks and strengthen the potential target networks. Active honeypots have many of the features found in a research honeypot, but they also hold special content that, once taken by the attackers, can be used as evidence by investigators and law enforcement. For example, active honeypots may have database servers containing a fake bank account or credit card information.
  • 9. Offensive honeypots are configured with many of the features of the active honeypots, with one interesting and dangerous addition: they are designed to damage the attacker. When used outside of your own network, this type of honeypot can result in vigilantism, attacks against false-targets, and may result in criminal charges against the honeypot operators. Offensive honeypots are not recommended for non-law- enforcement organizations. However, when used fully within your own network, this technique can detect and neutralize the attacker. Any of the above services can be implemented on a privately managed network, or through a cloud service. The selection of one platform over another will generally determine where the specific protection occurs— on your network or in the cloud. The reason for this lab is to give you an understanding of how special network technology can be used as a security research tool, while also providing varying degrees of protection. Each section will vary in size based on the requirements. Drive yourself to create a useful document for the direction you have selected. ============================================== SEC 572 Week 5 iLab VPN For more course tutorials visit
  • 10. www.tutorialrank.com SEC 572 Week 5 iLab VPN Lab Document Framework • Potentially Acceptable VPN Solution:State the general characteristics of one solution that meets the security and user requirements. Name the vendor(s) and VPN services. It is generally about 3 sentences. • VPN Solution Overview:Outline the technical functionality and customer requirements of your first choice for a VPN service. This may take the form of a feature chart that is mapped to the requirements. Include any special conditions, limitations, or exceptions that exist. It is generally about 2 pages. • Network Design Illustration:Using a graphic illustration tool, such as Visio, document the logical design of your VPN solution. It is generally about 2 pages. • Citations and Resources Used in this Report:Tell us where you received external guidance and ideas. If you have presented original ideas, then give yourself credit and tell us why you believe it is correct. ==============================================
  • 11. SEC 572 Week 6 iLab For more course tutorials visit www.tutorialrank.com SEC 572 iLab 6 Lab Document Framework • Requirements and Policies of the Secure Wireless Network:State the requirements and general security policies that will drive your design of a secure wireless network at the SOHO. It should be about 5–10 sentences or bullet points. • Secure Wireless Network Solution Overview:Outline the technical functionality and customer requirements of your secure wireless network. Tell us what the design can do. Include any special conditions, limitations, or exceptions that exist. It should be about 5–10 sentences or bullet points. • Secure Wireless Network Design Illustration:Using a graphic illustration tool, such as Visio, document the logical design of your secure wireless network design. It should be about two pages. • Citations and Resources Used in This Report:Tell us where you received external guidance and ideas. If you have presented original ideas, give yourself credit, and tell us why you believe it is correct.
  • 12. During Week 2, you should have completed iLab 2 of 6: Best Practices for Securing a Wireless Network in a SOHO—The Policy Statement, Processes, and Procedures Guidelines. In this lab, you will explore, select, and justify the selection of a secure wireless network for that (iLab 2) SOHO environment. You shall actually identify the hardware and software needed to support the network security policies and user requirements. The reason for this lab is to allow you to experience the wireless network technology selection process while working with a typical set of requirements and the current industry offerings. Basic Wireless Network Requirements and Assumptions Consult your iLab 2 of 6: Best Practices for Securing a Wireless Network in a SOHO—The Policy Statement, Processes, and Procedures Guidelines for a foundation to your design requirements. Create your own user requirements that are reasonable and typical for a SOHO. ==============================================