This document provides guidance for a lab assignment on designing a secure wireless network. It outlines the required sections for the lab document, including requirements and policies for the wireless network, an overview of the proposed secure wireless solution, and an illustration of the network design. Students are instructed to select hardware and software to support the security policies and user requirements defined in an earlier lab. The goal is to gain experience designing wireless networks to meet typical requirements and industry standards.
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Detect Network Threats with IDS/IPS
1. DEVRY SEC 572 Week 1 iLab Denial of Service
Attacks
Check this A+ tutorial guideline at
http://www.uopassignments.com/sec-572-
devry/sec-572-week-1-ilab-denial-of-service-
attacks-recent
For more classes visit
http://www.uopassignments.com
In this lab, you will discover and analyze one of
two different real network attacks. This will give
you insight into the motivation, vulnerabilities,
threats, and countermeasures associated with
your selected network attack.
There are two categories of network attacks you
will be concerned with this week. The first is a
network denial of service (DoS) attack, and the
second is a targeted attack on a network device
connected to the network. You will also discover
2. the distributed denial of service (DDoS) attack and
you may use that one as well. The key difference
between a DoS and a DDoS attack is that the DDoS
attack is launched towards the target from
numerous source locations. A botnet attack is an
example of a DDoS attack.
Your goal is to select a specific instance of one type
of attack and provide a managerial-style
awareness document. Assume that you are
delivering your analysis to business or
government managers who have a general
understanding of network communications.
The reason for the choice of two different attacks
is to allow you to select a broad or narrow focus
for your work. This will also give you a high
probability of discovering a very current attack.
In general, the network denial of service attack
may significantly diminish the network's ability to
properly communicate. The result will be a loss of
service, such as the inability to access a website's
home page. The DoS attacks have ranged from a
large global footprint to a specific target network
endpoint. For example, the SQL slammer worm
was a global DoS attack, lasting for days and
requiring server modifications. In contrast,
selected websites were shut down by hacker
3. groups, such as the hacktivist collective
Anonymous, requiring support from the ISPs and
firewall vendors.
The targeted attack on a network device can result
in a DoS as well, but it uses the current network to
deliver the destructive payload to the target
system. For example, a SQL injection attack's
target is the database server, with the Internet and
the corporate network actually delivering the
destructive payload to the target. Furthermore,
this type of attack may leave the network
functional because it uses it to propagate to other
devices or uses the victim's network to launch
other attacks.
Each section of your report may require 1–6
sentences to properly address the topic. For
example, the attack discovery and resolution dates
will be one sentence, whereas the synopsis of the
attack will require about six sentences. Your
primary goal is to provide the reader valuable
information about the attack.
Lab Document Framework
• Name of the attack
• Attack discovery and resolution dates
4. • Synopsis of the attack
• Vulnerable target(s) for the attack and likely
victims
• Probable motivation(s) of the attack
• Probable creators of the attack
• Deployment, propagation, or release strategy of
the attack
• Published countermeasures against the attack
• Published recovery techniques used to return to
normal
operations after the attack
• Recommended incident reporting measures
• Citations and resources used in this report
5. DEVRY SEC 572 Week 2 Network Security
Check this A+ tutorial guideline at
http://www.uopassignments.com/sec-572-
devry/sec-572-week-2-network-security-
recent
For more classes visit
http://www.uopassignments.com
SEC 572 Week 2 Network Security
6. DEVRY SEC 572 Week 3 iLab MD5 Best and Worst
Use Cases
Check this A+ tutorial guideline at
http://www.uopassignments.com/sec-572-
devry/sec-572-week-3-ilab-md5-best-and-
worst-use-cases-recent
For more classes visit
http://www.uopassignments.com
In this lab, you will explore the best and worst use
of a popular message digest algorithm. For this
one, we shall focus on MD5, but all of this can be
applied to the other ones, such as SHA-1.
In the best use portion, you will discover and
outline a specific implementation of the MD5
algorithm, where it provides high value and a very
low security risk.
In contrast, in the worst use portion, you will
attempt to crack an MD5 hash (this is ethical
hacking) and suggest a scenario where the worst
7. use practice may actually be implemented.
The reason for this lab is to give you an
understanding of how cryptography can be
properly and improperly used and how changes in
technology may serve to weaken trusted
cryptographic applications.
Best Use of MD5 or SHA-1: Outline a scenario
where the MD5 or SHA-1 algorithms are put to
good and proper use. Start by stating what the
algorithm does and give a use case where either
MD5 or SHA-1 has a best fit condition. It is
generally about 5–10 sentences.
Ethical Hacking of MD5: Copy the following text
into your lab document and fill in the blanks.
MD5 Hash 1:
4eefef62c45d66f55d89c515d8352c5c Input was:
_____
MD5 Hash 2:
5f4dcc3b5aa765d61d8327deb882cf99 Input was:
_____
MD5 Hash 3:
d6a6bc0db10694a2d90e3a69648f3a03 Input was:
_____
Worst Use of MD5 or SHA-1: Outline a scenario
8. where the MD5 or SHA-1 algorithms are put to
poor or improper use. Start by stating what
improper assumptions were made and how it did
(or could) lead to a security compromise. It is
generally about 5–10 sentences.
Citations and Resources Used in This Report: Tell
us where you received external guidance and
ideas. If you have presented original ideas, then
give yourself credit, and tell us why you believe it
is correct.
9. DEVRY SEC 572 Week 4 iLab Intrusion Detection
Systems
Check this A+ tutorial guideline at
http://www.uopassignments.com/sec-572-
devry/sec-572-week-4-ilab-intrusion-
detection-systems-recent
For more classes visit
http://www.uopassignments.com
Lab Document Framework
The Target Network: Indicate the type of activities
and data that it supports in a few sentences. For
example, it is the website for an educational
institution that holds personal academic and
financial information, or it is the network used to
control devices in a chemical plant. Use your
imagination, but select something that is real and
meaningful to you.
The Protection System: Select one from the
presented list (Step 2), or choose your own
protection technology, if it is highly relevant.
10. The Body of the Management Briefing Document:
See the guidance in Step 3. It is generally about 4
to 10 paragraphs.
Citations and Resources Used in this Report: Tell
us where you received external guidance and
ideas. If you have presented original ideas, then
give yourself credit, and tell us why you believe it
is correct.
Step 1
Broadly outline the target network. Indicate the
type of activities and data that it supports in a few
sentences.
Step 2
Select the protection system. Choose from one of
the following.
Intrusion detection system (IDS)
Intrusion protection system (IPS)
Research honeypot
11. Active honeypot
Offensive honeypot
Step 3
Create a management briefing document that will
inform senior decision makers about their options,
vendors, products, relevant examples, and issues
associated with your selected protection (from
Step 2). If cost can be identified, then please
include that information as well. It is generally
about 4 to 10 paragraphs.
In this lab, you will explore at least one IDS, IPS, or
Honeypot currently offered by product vendors
and cloud service providers. You will be making a
security recommendation, related to the
protection of a target network of your choice.
There are a few different paths you may take in
this lab, so let's address some of the distinguishing
features and definitions that are out there.
IDS and IPS Overview
An intrusion detection system (IDS) generally
detects and logs known intrusions or anomalous
12. network activity. Generally, no real-time
protection actually occurs, therefore false-
positives create little or no damage. Optionally,
suspicious network traffic can be routed to an
alternate network, such as a honeypot.
An intrusion protection system (IPS) generally
detects, logs, and then blocks known intrusions or
anomalous network activity. False-positives are an
issue and will result in a self-inflicted denial of
service condition. Optionally, suspicious network
traffic can be routed to an alternate network, such
as a honeypot.
Honeypot Overview
Honeypots come in several broad categories. The
most common labels we apply to them are
research honeypots, active honeypots, and
offensive honeypots. They are designed to do what
their label suggests, and here is a brief summary.
Note: Seek qualified legal advice before deploying
any type of honeypot.
Research honeypots generally collect and analyze
data about the attacks against a decoy-network.
They can also route the attacker to new decoy-
13. networks, to gather more details about the
potential attacks. The data gathered are used to
understand the attacks and strengthen the
potential target networks.
Active honeypots have many of the features found
in a research honeypot, but they also hold special
content that, once taken by the attackers, can be
used as evidence by investigators and law
enforcement. For example, active honeypots may
have database servers containing a fake bank
account or credit card information.
Offensive honeypots are configured with many of
the features of the active honeypots, with one
interesting and dangerous addition: they are
designed to damage the attacker. When used
outside of your own network, this type of honeypot
can result in vigilantism, attacks against false-
targets, and may result in criminal charges against
the honeypot operators. Offensive honeypots are
not recommended for non-law-enforcement
organizations. However, when used fully within
your own network, this technique can detect and
neutralize the attacker.
Any of the above services can be implemented on a
privately managed network, or through a cloud
14. service. The selection of one platform over another
will generally determine where the specific
protection occurs—on your network or in the
cloud.
The reason for this lab is to give you an
understanding of how special network technology
can be used as a security research tool, while also
providing varying degrees of protection.
Each section will vary in size based on the
requirements. Drive yourself to create a useful
document for the direction you have selected.
15. DEVRY SEC 572 Week 5 iLab VPN
Check this A+ tutorial guideline at
http://www.uopassignments.com/sec-572-
devry/sec-572-week-5-ilab-vpn-recent
For more classes visit
http://www.uopassignments.com
Lab Document Framework
• Potentially Acceptable VPN Solution:State the
general characteristics of one solution that meets
the security and user requirements. Name the
vendor(s) and VPN services. It is generally about 3
sentences.
• VPN Solution Overview:Outline the technical
functionality and customer requirements of your
first choice for a VPN service. This may take the
form of a feature chart that is mapped to the
requirements. Include any special conditions,
limitations, or exceptions that exist. It is generally
about 2 pages.
16. • Network Design Illustration:Using a graphic
illustration tool, such as Visio, document the
logical design of your VPN solution. It is generally
about 2 pages.
• Citations and Resources Used in this Report:Tell
us where you received external guidance and
ideas. If you have presented original ideas, then
give yourself credit and tell us why you believe it is
correct.
17. DEVRY SEC 572 Week 6 iLab NEW
Check this A+ tutorial guideline at
http://www.uopassignments.com/sec-572-
devry/sec-572-week-6-ilab-recent
For more classes visit
http://www.uopassignments.com
Lab Document Framework
• Requirements and Policies of the Secure Wireless
Network:State the requirements and general
security policies that will drive your design of a
secure wireless network at the SOHO. It should be
about 5–10 sentences or bullet points.
• Secure Wireless Network Solution
Overview:Outline the technical functionality and
customer requirements of your secure wireless
network. Tell us what the design can do. Include
any special conditions, limitations, or exceptions
that exist. It should be about 5–10 sentences or
bullet points.
18. • Secure Wireless Network Design
Illustration:Using a graphic illustration tool, such
as Visio, document the logical design of your
secure wireless network design. It should be about
two pages.
• Citations and Resources Used in This Report:Tell
us where you received external guidance and
ideas. If you have presented original ideas, give
yourself credit, and tell us why you believe it is
correct.
During Week 2, you should have completed iLab 2
of 6: Best Practices for Securing a Wireless
Network in a SOHO—The Policy Statement,
Processes, and Procedures Guidelines. In this lab,
you will explore, select, and justify the selection of
a secure wireless network for that (iLab 2) SOHO
environment. You shall actually identify the
hardware and software needed to support the
network security policies and user requirements.
The reason for this lab is to allow you to
experience the wireless network technology
selection process while working with a typical set
of requirements and the current industry
offerings.
19. Basic Wireless Network Requirements and
Assumptions
Consult your iLab 2 of 6: Best Practices for
Securing a Wireless Network in a SOHO—The
Policy Statement, Processes, and Procedures
Guidelines for a foundation to your design
requirements.
Create your own user requirements that are
reasonable and typical for a SOHO.