This document provides guidance for a lab assignment on selecting and designing a secure wireless network for a small office/home office (SOHO) environment. The student is instructed to identify the hardware and software needed to support the network security policies and user requirements defined in an earlier lab. Key elements of the response include outlining the requirements of the secure wireless network, providing an overview of the proposed technical solution, and illustrating the logical network design. Citations for any external resources must also be included.
Analyze a DoS Attack and Recommend Protections
SEC 572 Week 1 iLab Denial of Service Attacks
For more classes visit
www.snaptutorial.com
In this lab, you will discover and analyze one of two different real
network attacks. This will give you insight into the motivation,
vulnerabilities, threats, and countermeasures associated with your
selected network attack.
There are two categories of network attacks you will be concerned with
this week. The first is a network denial of service (DoS) attack, and the
second is a targeted attack on a network device connected to the
network. You will also discover the distributed denial of service (DDoS)
attack and you may use that one as well. The key difference between a
DoS and a DDoS attack is that the DDoS attack is launched towards the
target from numerous source locations. A botnet attack is an example of
a DDoS attack.
Your goal is to select a specific instance of one type of attack and
provide a managerial-style awareness document. Assume that you are
delivering your analysis to business or government managers who have
a general understanding of network communications.
The reason for the choice of two different attacks is to allow you to
select a broad or narrow focus for your work. This will also give you a
high probability of discovering a very current attack.
In general, the network denial of service attack may significantly
diminish the network's ability to properly communicate. The result will
be a loss of service, such as the inability to access a website's home
page. The DoS attacks have ranged from a large global footprint to a
specific target network endpoint. For example, the SQL slammer worm
was a global DoS attack, lasting for days and requiring server
modifications. In contrast, selected websites were shut down by hacker
groups, such as the hacktivist collective Anonymous, requiring support
from the ISPs and firewall vendors.
The targeted attack on a network device can result in a DoS as well, but
it uses the current network to deliver the destructive payload to the target
system. For example, a SQL injection attack's target is the database
server, with the Internet and the corporate network actually delivering
the destructive payload to the target. Furthermore, this type of attack
may leave the network functional because it uses it to propagate to other
devices or uses the victim's network to launch other attacks.
Each section of your report may require 1–6 sentences to properly
address the topic. For example, the attack discovery and resolution dates
will be one sentence, whereas the synopsis of the attack will require
about six sentences. Your primary goal is to provide the reader valuable
information about the attack.
Lab Document Framework
• Name of the attack
• Attack discovery and resolution dates
• Synopsis of the attack
• Vulnerable target(s) for the attack and likely victims
• Probable motivation(s) of the attack
• Probable creators of the attack
• Deployment, propagation, or release strategy of the attack
• Published countermeasures against the attack
• Published recovery techniques used to return to normal operations after
the attack
• Recommended incident reporting measures
• Citations and resources used in this report
**************************************************
SEC 572 Week 2 Network Security
**************************************************
SEC 572 Week 3 iLab MD5 Best and Worst Use Cases
In this lab, you will explore the best and worst use of a popular message
digest algorithm. For this one, we shall focus on MD5, but all of this can
be applied to the other ones, such as SHA-1.
In the best use portion, you will discover and outline a specific
implementation of the MD5 algorithm, where it provides high value and
a very low security risk.
In contrast, in the worst use portion, you will attempt to crack an MD5
hash (this is ethical hacking) and suggest a scenario where the worst use
practice may actually be implemented.
The reason for this lab is to give you an understanding of how
cryptography can be properly and improperly used and how changes in
technology may serve to weaken trusted cryptographic applications.
Best Use of MD5 or SHA-1: Outline a scenario where the MD5 or SHA-
1 algorithms are put to good and proper use. Start by stating what the
algorithm does and give a use case where either MD5 or SHA-1 has a
best fit condition. It is generally about 5–10 sentences.
Ethical Hacking of MD5: Copy the following text into your lab
document and fill in the blanks.
MD5 Hash 1: 4eefef62c45d66f55d89c515d8352c5c Input was: _____
MD5 Hash 2: 5f4dcc3b5aa765d61d8327deb882cf99 Input was: _____
MD5 Hash 3: d6a6bc0db10694a2d90e3a69648f3a03 Input was: _____
Worst Use of MD5 or SHA-1: Outline a scenario where the MD5 or
SHA-1 algorithms are put to poor or improper use. Start by stating what
improper assumptions were made and how it did (or could) lead to a
security compromise. It is generally about 5–10 sentences.
Citations and Resources Used in This Report: Tell us where you
received external guidance and ideas. If you have presented original
ideas, then give yourself credit, and tell us why you believe it is correct.
**************************************************
SEC 572 Week 4 iLab Intrusion Detection Systems
Lab Document Framework
The Target Network: Indicate the type of activities and data that it
supports in a few sentences. For example, it is the website for an
educational institution that holds personal academic and financial
information, or it is the network used to control devices in a chemical
plant. Use your imagination, but select something that is real and
meaningful to you.
The Protection System: Select one from the presented list (Step 2), or
choose your own protection technology, if it is highly relevant.
The Body of the Management Briefing Document: See the guidance in
Step 3. It is generally about 4 to 10 paragraphs.
Citations and Resources Used in this Report: Tell us where you received
external guidance and ideas. If you have presented original ideas, then
give yourself credit, and tell us why you believe it is correct.
Step 1
Broadly outline the target network. Indicate the type of activities and
data that it supports in a few sentences.
Step 2
Select the protection system. Choose from one of the following.
Intrusion detection system (IDS)
Intrusion protection system (IPS)
Research honeypot
Active honeypot
Offensive honeypot
Step 3
Create a management briefing document that will inform senior decision
makers about their options, vendors, products, relevant examples, and
issues associated with your selected protection (from Step 2). If cost can
be identified, then please include that information as well. It is generally
about 4 to 10 paragraphs.
In this lab, you will explore at least one IDS, IPS, or Honeypot currently
offered by product vendors and cloud service providers. You will be
making a security recommendation, related to the protection of a target
network of your choice.
There are a few different paths you may take in this lab, so let's address
some of the distinguishing features and definitions that are out there.
IDS and IPS Overview
An intrusion detection system (IDS) generally detects and logs known
intrusions or anomalous network activity. Generally, no real-time
protection actually occurs; therefore, false positives create little or no
damage. Optionally, suspicious network traffic can be routed to an
alternate network, such as a honeypot.
An intrusion protection system (IPS) generally detects, logs, and then
blocks known intrusions or anomalous network activity. False positives
are an issue and will result in a self-inflicted denial of service condition.
Optionally, suspicious network traffic can be routed to an alternate
network, such as a honeypot.
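The difference between the two modes, as an added example that is not part of the original lab text: the same detection rule is run over constructed connection events, first as an IDS (log only) and then as an IPS (log and block). The rule, its threshold, the addresses, and the function name run_sensor are all assumptions made for illustration.

```python
from collections import Counter

# Constructed sample events: (second, source IP, destination port).
# 198.51.100.7 is a port scanner. 10.0.0.20 is a legitimate backup server
# that opens many connections and trips the same rule (a false positive).
# 10.0.0.31 is an ordinary client that stays under the threshold.
EVENTS = sorted(
    [(t, "198.51.100.7", 1000 + t) for t in range(8)]
    + [(t, "10.0.0.20", 443) for t in range(8)]
    + [(t, "10.0.0.31", 443) for t in (2, 5)]
)

THRESHOLD = 5  # hypothetical rule: alert on more than 5 connections per source


def run_sensor(events, mode):
    """Apply the threshold rule in 'ids' (log only) or 'ips' (log and block) mode.

    Returns (alerts, delivered, dropped); the last two count events per source.
    """
    seen, delivered, dropped = Counter(), Counter(), Counter()
    alerts, blocked = [], set()
    for _ts, src, _port in events:
        if src in blocked:            # IPS only: source was blocked earlier
            dropped[src] += 1
            continue
        seen[src] += 1
        if seen[src] > THRESHOLD and src not in alerts:
            alerts.append(src)        # both modes log the detection
            if mode == "ips":         # only the IPS acts on it
                blocked.add(src)
                dropped[src] += 1
                continue
        delivered[src] += 1
    return alerts, delivered, dropped


if __name__ == "__main__":
    for mode in ("ids", "ips"):
        alerts, delivered, dropped = run_sensor(EVENTS, mode)
        print(mode, "alerts:", alerts)
        print(mode, "delivered:", dict(delivered), "dropped:", dict(dropped))
```

Both modes raise the same two alerts, but only the IPS run drops traffic from the backup server, which is the self-inflicted denial of service condition described above.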
Honeypot Overview
Honeypots come in several broad categories. The most common labels
we apply to them are research honeypots, active honeypots, and
offensive honeypots. They are designed to do what their label suggests,
and here is a brief summary.
Note: Seek qualified legal advice before deploying any type of
honeypot.
Research honeypots generally collect and analyze data about the attacks
against a decoy network. They can also route the attacker to new decoy
networks, to gather more details about the potential attacks. The data
gathered are used to understand the attacks and strengthen the potential
target networks.
Active honeypots have many of the features found in a research
honeypot, but they also hold special content that, once taken by the
attackers, can be used as evidence by investigators and law enforcement.
For example, active honeypots may have database servers containing a
fake bank account or credit card information.
Offensive honeypots are configured with many of the features of the
active honeypots, with one interesting and dangerous addition: they are
designed to damage the attacker. When used outside of your own
network, this type of honeypot can result in vigilantism and attacks
against false targets, and may result in criminal charges against the
honeypot operators. Offensive honeypots are not recommended for
non-law-enforcement organizations. However, when used fully within
your own network, this technique can detect and neutralize the attacker.
Any of the above services can be implemented on a privately managed
network, or through a cloud service. The selection of one platform over
another will generally determine where the specific protection occurs—
on your network or in the cloud.
The reason for this lab is to give you an understanding of how special
network technology can be used as a security research tool, while also
providing varying degrees of protection.
Each section will vary in size based on the requirements. Drive yourself
to create a useful document for the direction you have selected.
**************************************************
SEC 572 Week 5 iLab VPN
Lab Document Framework
• Potentially Acceptable VPN Solution: State the general characteristics
of one solution that meets the security and user requirements. Name the
vendor(s) and VPN services. It is generally about 3 sentences.
• VPN Solution Overview: Outline the technical functionality and
customer requirements of your first choice for a VPN service. This may
take the form of a feature chart that is mapped to the requirements.
Include any special conditions, limitations, or exceptions that exist. It is
generally about 2 pages.
• Network Design Illustration: Using a graphic illustration tool, such as
Visio, document the logical design of your VPN solution. It is generally
about 2 pages.
• Citations and Resources Used in this Report: Tell us where you
received external guidance and ideas. If you have presented original
ideas, then give yourself credit and tell us why you believe it is correct.
**************************************************
SEC 572 Week 6 iLab
Lab Document Framework
• Requirements and Policies of the Secure Wireless Network: State the
requirements and general security policies that will drive your design of
a secure wireless network at the SOHO. It should be about 5–10
sentences or bullet points.
• Secure Wireless Network Solution Overview: Outline the technical
functionality and customer requirements of your secure wireless
network. Tell us what the design can do. Include any special conditions,
limitations, or exceptions that exist. It should be about 5–10 sentences or
bullet points.
• Secure Wireless Network Design Illustration: Using a graphic
illustration tool, such as Visio, document the logical design of your
secure wireless network design. It should be about two pages.
• Citations and Resources Used in This Report: Tell us where you
received external guidance and ideas. If you have presented original
ideas, give yourself credit, and tell us why you believe it is correct.
During Week 2, you should have completed iLab 2 of 6: Best Practices
for Securing a Wireless Network in a SOHO—The Policy Statement,
Processes, and Procedures Guidelines. In this lab, you will explore,
select, and justify the selection of a secure wireless network for that
(iLab 2) SOHO environment. You shall actually identify the hardware
and software needed to support the network security policies and user
requirements.
The reason for this lab is to allow you to experience the wireless
network technology selection process while working with a typical set of
requirements and the current industry offerings.
Basic Wireless Network Requirements and Assumptions
Consult your iLab 2 of 6: Best Practices for Securing a Wireless
Network in a SOHO—The Policy Statement, Processes, and Procedures
Guidelines for a foundation to your design requirements.
Create your own user requirements that are reasonable and typical for a
SOHO.
**************************************************