_Lab02_MakrisJohn

School

University of Cincinnati, Main Campus

Course

3075C

Subject

Information Systems

Date

Feb 20, 2024

IT3075C-002: Network Monitoring & IPS
Johnny Makris
Assignment 02: Planning Data Collection

Port404, Ltd. is a cybersecurity company. They conduct penetration tests for clients, do assessments of networks, and help manufacturing companies become compliant with frameworks for governmental regulations. They sell products online to help raise awareness and market the company's services.

This report takes the network through the Applied Collection Framework:

1. Define threats
2. Quantify risk
3. Identify data feeds
4. Narrow the focus

Define Threats

What type of threats can you imagine?

Internet: Sensitive information sent between the client and outside services may be exposed by man-in-the-middle attacks on internet connections.
Phishing attempts directed at staff members who use the internet could result in credentials being compromised and unauthorized users gaining access to customer systems.

Router: Attackers may be able to intercept or alter network traffic using compromised routers, resulting in unauthorized access or data interception. The stability and security of the client's network may be impacted by unauthorized configuration changes made possible by lax router security.

Web servers for e-commerce: Theft of payment information via e-commerce web server hacks is a serious risk to the client and their customers. Financial losses and reputational harm to the client are possible outcomes of e-commerce fraud, which includes account takeovers and unauthorized transactions.

Workstations: Workstation malware infections may allow malicious activity to spread throughout the client's network and compromise confidential information. The confidentiality and integrity of client information are at risk from insider threats, which occur when employees mistakenly or purposely violate workstation security.

Account Information: Unauthorized access due to compromised credentials may result in data breaches or the misuse of private information. Weak authentication procedures make it simpler for attackers to obtain unauthorized access to accounts and take advantage of the data they contain.

DNS: By rerouting users to malicious websites, DNS spoofing and cache poisoning attacks can jeopardize the integrity of internet services. Denial of service (DoS) attacks that target DNS infrastructure have the potential to interfere with online services and affect client website availability.

Firewall: Firewalls that are incorrectly configured may permit unauthorized access or expose the client's network to online threats. If successful, firewall bypass techniques have the potential to compromise the security measures in place and provide attackers access to the client's network.

How do these threats relate to confidentiality, integrity and availability?

The aforementioned threats have varying effects on availability, integrity, and confidentiality. For example, confidentiality is at risk when sensitive data is exposed through unauthorized access to client pen tests, client information, and account information. Data integrity may be jeopardized by attacks on workstations, web servers, and e-commerce web servers, which could result in theft or unauthorized changes. The availability of services can be affected by DNS attacks, firewall vulnerabilities, and internet-related threats that can lead to service outages or malicious redirections of users, impairing the client's capacity to deliver dependable and easily available services.

Quantify Risks

Impact (I) * Probability (P) = Risk (R)

Threat                        Impact  Probability  Risk
Man in the Middle             4       3            12
Phishing                      3       4            12
Compromised routers           4       4            16
E-Commerce Web Server Hacks   5       5            25
Unauthorized Access           4       3            12
Firewall Bypass Techniques    4       3            12
DDoS Attack                   3       4            12
DNS Spoofing                  4       4            16

Organize in descending order

Threat                        Impact  Probability  Risk
E-Commerce Web Server Hacks   5       5            25
Compromised routers           4       4            16
DNS Spoofing                  4       4            16
Man in the Middle             4       3            12
Phishing                      3       4            12
Unauthorized Access           4       3            12
Firewall Bypass Techniques    4       3            12
DDoS Attack                   3       4            12

Identify Data Feeds

E-Commerce Web Server Hacks
  a. Network-Based
     i. Feed 1
     ii. Feed 2
  b. Host-Based
     i. Feed 1
     ii. Feed 2

Compromised routers
  a. Network-Based
     i. Feed 1
     ii. Feed 2
  b. Host-Based
     i. Feed 1
     ii. Feed 2

DNS Spoofing
  a. Network-Based
     i. Feed 1
     ii. Feed 2
  b. Host-Based
     i. Feed 1
     ii. Feed 2

Man-in-the-Middle
  a. Network-Based
     i. Feed 1
     ii. Feed 2
  b. Host-Based
     i. Feed 1
     ii. Feed 2

Phishing
  a. Network-Based
     i. Feed 1
     ii. Feed 2
  b. Host-Based
     i. Feed 1
     ii. Feed 2

Unauthorized Access
  a. Network-Based
     i. Feed 1
     ii. Feed 2
  b. Host-Based
     i. Feed 1
     ii. Feed 2

Firewall Bypass Techniques
  a. Network-Based
     i. Feed 1
     ii. Feed 2
  b. Host-Based
     i. Feed 1
     ii. Feed 2

DDoS Attack
  a. Network-Based
     i. Feed 1
     ii. Feed 2
  b. Host-Based
     i. Feed 1
     ii. Feed 2

Narrow Focus

Identify any data feeds that might be less impactful to your collection needs based on any number of criteria discussed in the chapter and lecture.

1. Redundancy: Data streams with redundant information gleaned from other sources might have less of an impact. It's critical to steer clear of repetition and concentrate on a variety of complementary feeds.

2. Relevance to Curriculum: Data feeds that are not in line with the course syllabus or learning goals could have less of an impact. A more targeted and significant learning experience is ensured by selecting feeds that directly support the learning objectives.

3. Limited Educational Value: Feeds that offer excessively simplistic or unchallenging information to students could be viewed as having less of an impact. For learning to be effective, feeds must strike a balance between complexity and comprehensibility.

4. Resource Intensity: A data feed may have less of an impact in a classroom context if it necessitates a large investment of time, staff, or specialist equipment. Choosing feeds that are doable given the course's limitations is crucial.

5. Accuracy and Reliability: Data streams with a track record of errors or discrepancies could have less of an impact, particularly in the educational setting where students need consistency and dependability to understand fundamental ideas.

6. Cost: In the event that the class has a limited budget, the affordability of the data streams becomes a crucial factor. Selecting feeds that deliver value without imposing an excessive financial strain is crucial.

7. Pedagogical Value: Data feeds may have less of an impact if they do not support efficient teaching and learning. Prioritizing feeds that improve student understanding and fit the course's pedagogical approach is essential.

8. Timing: Even though real-time data is important, somewhat delayed feeds might still have an influence in a classroom context. Achieving a balance between instructional objectives and timeliness is crucial.