SlideShare a Scribd company logo

Sec 572 Effective Communication / snaptutorial.com

Download as DOC, PDF
B
Baileyabl

For more classes visit www.snaptutorial.com SEC 572 Week 1 iLab Denial of Service Attacks In this lab, you will discover and analyze one of two different real network attacks. This will give you insight into the motivation, vulnerabilities, threats, and countermeasures associated with your selected network attack.

1 of 10
SEC 572 Week 1 iLab Denial of Service Attacks For more classes visit www.snaptutorial.com SEC 572 Week 1 iLab Denial of Service Attacks In this lab, you will discover and analyze one of two different real network attacks. This will give you insight into the motivation, vulnerabilities, threats, and countermeasures associated with your selected network attack. There are two categories of network attacks you will be concerned with this week. The first is a network denial of service (DoS) attack, and the second is a targeted attack on a network device connected to the network. You will also discover the distributed denial of service (DDoS) attack and you may use that one as well. The key difference between a DoS and a DDoS attack is that the DDoS attack is launched towards the target from numerous source locations. A botnet attack is an example of a DDoS attack. Your goal is to select a specific instance of one type of attack and provide a managerial-style awareness document. Assume that you are delivering your analysis to business or government managers who have a general understanding of network communications. The reason for the choice of two different attacks is to allow you to select a broad or narrow focus for your work. This will also give you a high probability of discovering a very current attack. In general, the network denial of service attack may significantly diminish the network's ability to properly communicate. The result will be a loss of service, such as the inability to access a website's home page. The DoS attacks have ranged from a large global
footprint to a specific target network endpoint. For example, the SQL slammer worm was a global DoS attack, lasting for days and requiring server modifications. In contrast, selected websites were shut down by hacker groups, such as the hacktivist collective Anonymous, requiring support from the ISPs and firewall vendors. The targeted attack on a network device can result in a DoS as well, but it uses the current network to deliver the destructive payload to the target system. For example, a SQL injection attack's target is the database server, with the Internet and the corporate network actually delivering the destructive payload to the target. Furthermore, this type of attack may leave the network functional because it uses it to propagate to other devices or uses the victim's network to launch other attacks. Each section of your report may require 1–6 sentences to properly address the topic. For example, the attack discovery and resolution dates will be one sentence, whereas the synopsis of the attack will require about six sentences. Your primary goal is to provide the reader valuable information about the attack. Lab Document Framework • Name of the attack • Attack discovery and resolution dates • Synopsis of the attack • Vulnerable target(s) for the attack and likely victims • Probable motivation(s) of the attack • Probable creators of the attack • Deployment, propagation, or release strategy of the attack • Published countermeasures against the attack • Published recovery techniques used to return to normal operations after the attack • Recommended incident reporting measures • Citations and resources used in this report ******************************************************************************* SEC 572 Week 2 Network Security
For more classes visit www.snaptutorial.com SEC 572 Week 2 Network Security ******************************************************************************* SEC 572 Week 3 iLab MD5 Best and Worst Use Cases For more classes visit www.snaptutorial.com SEC 572 Week 3 iLab MD5 Best and Worst Use Cases In this lab, you will explore the best and worst use of a popular message digest algorithm. For this one, we shall focus on MD5, but all of this can be applied to the other ones, such as SHA-1. In the best use portion, you will discover and outline a specific implementation of the MD5 algorithm, where it provides high value and a very low security risk. In contrast, in the worst use portion, you will attempt to crack an MD5 hash (this is ethical hacking) and suggest a scenario where the worst use practice may actually be implemented. The reason for this lab is to give you an understanding of how cryptography can be properly and improperly used and how changes in technology may serve to weaken trusted cryptographic applications.
Best Use of MD5 or SHA-1: Outline a scenario where the MD5 or SHA-1 algorithms are put to good and proper use. Start by stating what the algorithm does and give a use case where either MD5 or SHA-1 has a best fit condition. It is generally about 5–10 sentences. Ethical Hacking of MD5: Copy the following text into your lab document and fill in the blanks. MD5 Hash 1: 4eefef62c45d66f55d89c515d8352c5c Input was: _____ MD5 Hash 2: 5f4dcc3b5aa765d61d8327deb882cf99 Input was: _____ MD5 Hash 3: d6a6bc0db10694a2d90e3a69648f3a03 Input was: _____ Worst Use of MD5 or SHA-1: Outline a scenario where the MD5 or SHA-1 algorithms are put to poor or improper use. Start by stating what improper assumptions were made and how it did (or could) lead to a security compromise. It is generally about 5–10 sentences. Citations and Resources Used in This Report: Tell us where you received external guidance and ideas. If you have presented original ideas, then give yourself credit, and tell us why you believe it is correct. ******************************************************************************* SEC 572 Week 4 iLab Intrusion Detection Systems For more classes visit www.snaptutorial.com
SEC 572 Week 4 iLab Intrusion Detection Systems Lab Document Framework The Target Network: Indicate the type of activities and data that it supports in a few sentences. For example, it is the website for an educational institution that holds personal academic and financial information, or it is the network used to control devices in a chemical plant. Use your imagination, but select something that is real and meaningful to you. The Protection System: Select one from the presented list (Step 2), or choose your own protection technology, if it is highly relevant. The Body of the Management Briefing Document: See the guidance in Step 3. It is generally about 4 to 10 paragraphs. Citations and Resources Used in this Report: Tell us where you received external guidance and ideas. If you have presented original ideas, then give yourself credit, and tell us why you believe it is correct. Step 1 Broadly outline the target network. Indicate the type of activities and data that it supports in a few sentences. Step 2 Select the protection system. Choose from one of the following. Intrusion detection system (IDS) Intrusion protection system (IPS) Research honeypot Active honeypot Offensive honeypot Step 3 Create a management briefing document that will inform senior decision makers about their options, vendors, products, relevant examples, and issues associated with your selected protection (from Step 2). If cost can be identified, then please include that information as well. It is generally about 4 to 10 paragraphs.
In this lab, you will explore at least one IDS, IPS, or Honeypot currently offered by product vendors and cloud service providers. You will be making a security recommendation, related to the protection of a target network of your choice. There are a few different paths you may take in this lab, so let's address some of the distinguishing features and definitions that are out there. IDS and IPS Overview An intrusion detection system (IDS) generally detects and logs known intrusions or anomalous network activity. Generally, no real-time protection actually occurs, therefore false-positives create little or no damage. Optionally, suspicious network traffic can be routed to an alternate network, such as a honeypot. An intrusion protection system (IPS) generally detects, logs, and then blocks known intrusions or anomalous network activity. False- positives are an issue and will result in a self-inflicted denial of service condition. Optionally, suspicious network traffic can be routed to an alternate network, such as a honeypot. Honeypot Overview Honeypots come in several broad categories. The most common labels we apply to them are research honeypots, active honeypots, and offensive honeypots. They are designed to do what their label suggests, and here is a brief summary. Note: Seek qualified legal advice before deploying any type of honeypot. Research honeypots generally collect and analyze data about the attacks against a decoy-network. They can also route the attacker to new decoy-networks, to gather more details about the potential attacks. The data gathered are used to understand the attacks and strengthen the potential target networks. Active honeypots have many of the features found in a research honeypot, but they also hold special content that, once taken by the attackers, can be used as evidence by investigators and law enforcement. For example, active honeypots may have database servers containing a fake bank account or credit card information.
Offensive honeypots are configured with many of the features of the active honeypots, with one interesting and dangerous addition: they are designed to damage the attacker. When used outside of your own network, this type of honeypot can result in vigilantism, attacks against false-targets, and may result in criminal charges against the honeypot operators. Offensive honeypots are not recommended for non-law-enforcement organizations. However, when used fully within your own network, this technique can detect and neutralize the attacker. Any of the above services can be implemented on a privately managed network, or through a cloud service. The selection of one platform over another will generally determine where the specific protection occurs—on your network or in the cloud. The reason for this lab is to give you an understanding of how special network technology can be used as a security research tool, while also providing varying degrees of protection. Each section will vary in size based on the requirements. Drive yourself to create a useful document for the direction you have selected. ******************************************************************************* SEC 572 Week 5 iLab VPN For more classes visit www.snaptutorial.com SEC 572 Week 5 iLab VPN
Lab Document Framework • Potentially Acceptable VPN Solution:State the general characteristics of one solution that meets the security and user requirements. Name the vendor(s) and VPN services. It is generally about 3 sentences. • VPN Solution Overview:Outline the technical functionality and customer requirements of your first choice for a VPN service. This may take the form of a feature chart that is mapped to the requirements. Include any special conditions, limitations, or exceptions that exist. It is generally about 2 pages. • Network Design Illustration:Using a graphic illustration tool, such as Visio, document the logical design of your VPN solution. It is generally about 2 pages. • Citations and Resources Used in this Report:Tell us where you received external guidance and ideas. If you have presented original ideas, then give yourself credit and tell us why you believe it is correct. ******************************************************************************* SEC 572 Week 6 iLab For more classes visit www.snaptutorial.com SEC 572 iLab 6 Lab Document Framework • Requirements and Policies of the Secure Wireless Network:State the requirements and general security policies that will drive your design of a secure wireless network at the SOHO. It should be about 5–10 sentences or bullet points.
• Secure Wireless Network Solution Overview:Outline the technical functionality and customer requirements of your secure wireless network. Tell us what the design can do. Include any special conditions, limitations, or exceptions that exist. It should be about 5– 10 sentences or bullet points. • Secure Wireless Network Design Illustration:Using a graphic illustration tool, such as Visio, document the logical design of your secure wireless network design. It should be about two pages. • Citations and Resources Used in This Report:Tell us where you received external guidance and ideas. If you have presented original ideas, give yourself credit, and tell us why you believe it is correct. During Week 2, you should have completed iLab 2 of 6: Best Practices for Securing a Wireless Network in a SOHO—The Policy Statement, Processes, and Procedures Guidelines. In this lab, you will explore, select, and justify the selection of a secure wireless network for that (iLab 2) SOHO environment. You shall actually identify the hardware and software needed to support the network security policies and user requirements. The reason for this lab is to allow you to experience the wireless network technology selection process while working with a typical set of requirements and the current industry offerings. Basic Wireless Network Requirements and Assumptions Consult your iLab 2 of 6: Best Practices for Securing a Wireless Network in a SOHO—The Policy Statement, Processes, and Procedures Guidelines for a foundation to your design requirements. Create your own user requirements that are reasonable and typical for a SOHO. *******************************************************************************
• Secure Wireless Network Solution Overview:Outline the technical functionality and customer requirements of your secure wireless network. Tell us what the design can do. Include any special conditions, limitations, or exceptions that exist. It should be about 5– 10 sentences or bullet points. • Secure Wireless Network Design Illustration:Using a graphic illustration tool, such as Visio, document the logical design of your secure wireless network design. It should be about two pages. • Citations and Resources Used in This Report:Tell us where you received external guidance and ideas. If you have presented original ideas, give yourself credit, and tell us why you believe it is correct. During Week 2, you should have completed iLab 2 of 6: Best Practices for Securing a Wireless Network in a SOHO—The Policy Statement, Processes, and Procedures Guidelines. In this lab, you will explore, select, and justify the selection of a secure wireless network for that (iLab 2) SOHO environment. You shall actually identify the hardware and software needed to support the network security policies and user requirements. The reason for this lab is to allow you to experience the wireless network technology selection process while working with a typical set of requirements and the current industry offerings. Basic Wireless Network Requirements and Assumptions Consult your iLab 2 of 6: Best Practices for Securing a Wireless Network in a SOHO—The Policy Statement, Processes, and Procedures Guidelines for a foundation to your design requirements. Create your own user requirements that are reasonable and typical for a SOHO. *******************************************************************************

Recommended

Sec 572 Education Specialist-snaptutorial.com
Sec 572 Education Specialist-snaptutorial.comSec 572 Education Specialist-snaptutorial.com
Sec 572 Education Specialist-snaptutorial.com
robertlesew79
 
Sec 572 Education Organization / snaptutorial.com
Sec 572 Education Organization / snaptutorial.comSec 572 Education Organization / snaptutorial.com
Sec 572 Education Organization / snaptutorial.com
Baileya109
 
Sec 572 Enhance teaching / snaptutorial.com
Sec 572 Enhance teaching / snaptutorial.comSec 572 Enhance teaching / snaptutorial.com
Sec 572 Enhance teaching / snaptutorial.com
HarrisGeorg69
 
SEC 572 Inspiring Innovation / tutorialrank.com
SEC 572 Inspiring Innovation / tutorialrank.comSEC 572 Inspiring Innovation / tutorialrank.com
SEC 572 Inspiring Innovation / tutorialrank.com
Bromleyz38
 
Sec 572 Effective Communication - tutorialrank.com
Sec 572 Effective Communication - tutorialrank.comSec 572 Effective Communication - tutorialrank.com
Sec 572 Effective Communication - tutorialrank.com
Bartholomew99
 
SEC 572 Entire Course NEW
SEC 572 Entire Course NEWSEC 572 Entire Course NEW
SEC 572 Entire Course NEW
shyamuopiv
 
encryption and hash algorithms
encryption and hash algorithmsencryption and hash algorithms
encryption and hash algorithms
CARMEN ALCIVAR
 
Burning Down the Haystack to Find the Needle: Security Analytics in Action
Burning Down the Haystack to Find the Needle: Security Analytics in ActionBurning Down the Haystack to Find the Needle: Security Analytics in Action
Burning Down the Haystack to Find the Needle: Security Analytics in Action
Josh Sokol
 

Recommended

Sec 572 Education Specialist-snaptutorial.com
Sec 572 Education Specialist-snaptutorial.comSec 572 Education Specialist-snaptutorial.com
Sec 572 Education Specialist-snaptutorial.com
robertlesew79
 
Sec 572 Education Organization / snaptutorial.com
Sec 572 Education Organization / snaptutorial.comSec 572 Education Organization / snaptutorial.com
Sec 572 Education Organization / snaptutorial.com
Baileya109
 
Sec 572 Enhance teaching / snaptutorial.com
Sec 572 Enhance teaching / snaptutorial.comSec 572 Enhance teaching / snaptutorial.com
Sec 572 Enhance teaching / snaptutorial.com
HarrisGeorg69
 
SEC 572 Inspiring Innovation / tutorialrank.com
SEC 572 Inspiring Innovation / tutorialrank.comSEC 572 Inspiring Innovation / tutorialrank.com
SEC 572 Inspiring Innovation / tutorialrank.com
Bromleyz38
 
Sec 572 Effective Communication - tutorialrank.com
Sec 572 Effective Communication - tutorialrank.comSec 572 Effective Communication - tutorialrank.com
Sec 572 Effective Communication - tutorialrank.com
Bartholomew99
 
SEC 572 Entire Course NEW
SEC 572 Entire Course NEWSEC 572 Entire Course NEW
SEC 572 Entire Course NEW
shyamuopiv
 
encryption and hash algorithms
encryption and hash algorithmsencryption and hash algorithms
encryption and hash algorithms
CARMEN ALCIVAR
 
Burning Down the Haystack to Find the Needle: Security Analytics in Action
Burning Down the Haystack to Find the Needle: Security Analytics in ActionBurning Down the Haystack to Find the Needle: Security Analytics in Action
Burning Down the Haystack to Find the Needle: Security Analytics in Action
Josh Sokol
 
Auditing a Wireless Network and Planning for a Secure WLAN Implementation
Auditing a Wireless Network and Planning for a Secure WLAN ImplementationAuditing a Wireless Network and Planning for a Secure WLAN Implementation
Auditing a Wireless Network and Planning for a Secure WLAN Implementation
CARMEN ALCIVAR
 
A Study on Data Mining Based Intrusion Detection System
A Study on Data Mining Based Intrusion Detection SystemA Study on Data Mining Based Intrusion Detection System
A Study on Data Mining Based Intrusion Detection System
AM Publications
 
Intrusion detection using data mining
Intrusion detection using data miningIntrusion detection using data mining
Intrusion detection using data mining
balbeerrawat
 
Cloudslam09:Building a Cloud Computing Analysis System for Intrusion Detection
Cloudslam09:Building a Cloud Computing Analysis System for Intrusion DetectionCloudslam09:Building a Cloud Computing Analysis System for Intrusion Detection
Cloudslam09:Building a Cloud Computing Analysis System for Intrusion Detection
Wei-Yu Chen
 
Network Security Data Visualization
Network Security Data VisualizationNetwork Security Data Visualization
Network Security Data Visualization
amiable_indian
 
A Survey on Cloud-Based IP Trace Back Framework
A Survey on Cloud-Based IP Trace Back FrameworkA Survey on Cloud-Based IP Trace Back Framework
A Survey on Cloud-Based IP Trace Back Framework
IRJET Journal
 
Intrusion Detection
Intrusion DetectionIntrusion Detection
Intrusion Detection
butest
 
Deep Learning based Threat / Intrusion detection system
Deep Learning based Threat / Intrusion detection systemDeep Learning based Threat / Intrusion detection system
Deep Learning based Threat / Intrusion detection system
Affine Analytics
 
Whitepaper: Network Penetration Testing - Happiest Minds
Whitepaper: Network Penetration Testing - Happiest MindsWhitepaper: Network Penetration Testing - Happiest Minds
Whitepaper: Network Penetration Testing - Happiest Minds
Happiest Minds Technologies
 
Survey on classification techniques for intrusion detection
Survey on classification techniques for intrusion detectionSurvey on classification techniques for intrusion detection
Survey on classification techniques for intrusion detection
csandit
 
Threat hunting for Beginners
Threat hunting for BeginnersThreat hunting for Beginners
Threat hunting for Beginners
SKMohamedKasim
 
Exploring the Social Engineering Toolkit (Set) Using Backtrack 5R3
Exploring the Social Engineering Toolkit (Set) Using Backtrack 5R3Exploring the Social Engineering Toolkit (Set) Using Backtrack 5R3
Exploring the Social Engineering Toolkit (Set) Using Backtrack 5R3
IJERA Editor
 
Cyber Defense Forensic Analyst - Real World Hands-on Examples
Cyber Defense Forensic Analyst - Real World Hands-on ExamplesCyber Defense Forensic Analyst - Real World Hands-on Examples
Cyber Defense Forensic Analyst - Real World Hands-on Examples
Sandeep Kumar Seeram
 
Cissp actual exam
Cissp actual examCissp actual exam
Cissp actual exam
dannykirk1221
 
Analysis and Design for Intrusion Detection System Based on Data Mining
Analysis and Design for Intrusion Detection System Based on Data MiningAnalysis and Design for Intrusion Detection System Based on Data Mining
Analysis and Design for Intrusion Detection System Based on Data Mining
Pritesh Ranjan
 
IRJET- Penetration Testing using Metasploit Framework: An Ethical Approach
IRJET- Penetration Testing using Metasploit Framework: An Ethical ApproachIRJET- Penetration Testing using Metasploit Framework: An Ethical Approach
IRJET- Penetration Testing using Metasploit Framework: An Ethical Approach
IRJET Journal
 
IRJET- Netreconner: An Innovative Method to Intrusion Detection using Regular...
IRJET- Netreconner: An Innovative Method to Intrusion Detection using Regular...IRJET- Netreconner: An Innovative Method to Intrusion Detection using Regular...
IRJET- Netreconner: An Innovative Method to Intrusion Detection using Regular...
IRJET Journal
 
Strata 2015 Presentation -- Detecting Lateral Movement
Strata 2015 Presentation -- Detecting Lateral Movement Strata 2015 Presentation -- Detecting Lateral Movement
Strata 2015 Presentation -- Detecting Lateral Movement
Ram Shankar Siva Kumar
 
4
44
4
aniketnimaje
 
CONTROLLING IP FALSIFYING USING REALISTIC SIMULATION
CONTROLLING IP FALSIFYING USING REALISTIC SIMULATIONCONTROLLING IP FALSIFYING USING REALISTIC SIMULATION
CONTROLLING IP FALSIFYING USING REALISTIC SIMULATION
IJNSA Journal
 
ScenarioSummaryIn this lab, you will explore at least one IDS, IP.docx
ScenarioSummaryIn this lab, you will explore at least one IDS, IP.docxScenarioSummaryIn this lab, you will explore at least one IDS, IP.docx
ScenarioSummaryIn this lab, you will explore at least one IDS, IP.docx
ronnasleightholm
 
Insight Brief: Security Analytics to Identify the 12 Indicators of Compromise
Insight Brief: Security Analytics to Identify the 12 Indicators of CompromiseInsight Brief: Security Analytics to Identify the 12 Indicators of Compromise
Insight Brief: Security Analytics to Identify the 12 Indicators of Compromise
21CT Inc.
 

More Related Content

What's hot

Auditing a Wireless Network and Planning for a Secure WLAN Implementation
Auditing a Wireless Network and Planning for a Secure WLAN ImplementationAuditing a Wireless Network and Planning for a Secure WLAN Implementation
Auditing a Wireless Network and Planning for a Secure WLAN Implementation
CARMEN ALCIVAR
 
A Study on Data Mining Based Intrusion Detection System
A Study on Data Mining Based Intrusion Detection SystemA Study on Data Mining Based Intrusion Detection System
A Study on Data Mining Based Intrusion Detection System
AM Publications
 
Intrusion detection using data mining
Intrusion detection using data miningIntrusion detection using data mining
Intrusion detection using data mining
balbeerrawat
 
Cloudslam09:Building a Cloud Computing Analysis System for Intrusion Detection
Cloudslam09:Building a Cloud Computing Analysis System for Intrusion DetectionCloudslam09:Building a Cloud Computing Analysis System for Intrusion Detection
Cloudslam09:Building a Cloud Computing Analysis System for Intrusion Detection
Wei-Yu Chen
 
Network Security Data Visualization
Network Security Data VisualizationNetwork Security Data Visualization
Network Security Data Visualization
amiable_indian
 
A Survey on Cloud-Based IP Trace Back Framework
A Survey on Cloud-Based IP Trace Back FrameworkA Survey on Cloud-Based IP Trace Back Framework
A Survey on Cloud-Based IP Trace Back Framework
IRJET Journal
 
Intrusion Detection
Intrusion DetectionIntrusion Detection
Intrusion Detection
butest
 
Deep Learning based Threat / Intrusion detection system
Deep Learning based Threat / Intrusion detection systemDeep Learning based Threat / Intrusion detection system
Deep Learning based Threat / Intrusion detection system
Affine Analytics
 
Whitepaper: Network Penetration Testing - Happiest Minds
Whitepaper: Network Penetration Testing - Happiest MindsWhitepaper: Network Penetration Testing - Happiest Minds
Whitepaper: Network Penetration Testing - Happiest Minds
Happiest Minds Technologies
 
Survey on classification techniques for intrusion detection
Survey on classification techniques for intrusion detectionSurvey on classification techniques for intrusion detection
Survey on classification techniques for intrusion detection
csandit
 
Threat hunting for Beginners
Threat hunting for BeginnersThreat hunting for Beginners
Threat hunting for Beginners
SKMohamedKasim
 
Exploring the Social Engineering Toolkit (Set) Using Backtrack 5R3
Exploring the Social Engineering Toolkit (Set) Using Backtrack 5R3Exploring the Social Engineering Toolkit (Set) Using Backtrack 5R3
Exploring the Social Engineering Toolkit (Set) Using Backtrack 5R3
IJERA Editor
 
Cyber Defense Forensic Analyst - Real World Hands-on Examples
Cyber Defense Forensic Analyst - Real World Hands-on ExamplesCyber Defense Forensic Analyst - Real World Hands-on Examples
Cyber Defense Forensic Analyst - Real World Hands-on Examples
Sandeep Kumar Seeram
 
Cissp actual exam
Cissp actual examCissp actual exam
Cissp actual exam
dannykirk1221
 
Analysis and Design for Intrusion Detection System Based on Data Mining
Analysis and Design for Intrusion Detection System Based on Data MiningAnalysis and Design for Intrusion Detection System Based on Data Mining
Analysis and Design for Intrusion Detection System Based on Data Mining
Pritesh Ranjan
 
IRJET- Penetration Testing using Metasploit Framework: An Ethical Approach
IRJET- Penetration Testing using Metasploit Framework: An Ethical ApproachIRJET- Penetration Testing using Metasploit Framework: An Ethical Approach
IRJET- Penetration Testing using Metasploit Framework: An Ethical Approach
IRJET Journal
 
IRJET- Netreconner: An Innovative Method to Intrusion Detection using Regular...
IRJET- Netreconner: An Innovative Method to Intrusion Detection using Regular...IRJET- Netreconner: An Innovative Method to Intrusion Detection using Regular...
IRJET- Netreconner: An Innovative Method to Intrusion Detection using Regular...
IRJET Journal
 
Strata 2015 Presentation -- Detecting Lateral Movement
Strata 2015 Presentation -- Detecting Lateral Movement Strata 2015 Presentation -- Detecting Lateral Movement
Strata 2015 Presentation -- Detecting Lateral Movement
Ram Shankar Siva Kumar
 
4
44
4
aniketnimaje
 
CONTROLLING IP FALSIFYING USING REALISTIC SIMULATION
CONTROLLING IP FALSIFYING USING REALISTIC SIMULATIONCONTROLLING IP FALSIFYING USING REALISTIC SIMULATION
CONTROLLING IP FALSIFYING USING REALISTIC SIMULATION
IJNSA Journal
 

What's hot (20)

Auditing a Wireless Network and Planning for a Secure WLAN Implementation
Auditing a Wireless Network and Planning for a Secure WLAN ImplementationAuditing a Wireless Network and Planning for a Secure WLAN Implementation
Auditing a Wireless Network and Planning for a Secure WLAN Implementation
 
A Study on Data Mining Based Intrusion Detection System
A Study on Data Mining Based Intrusion Detection SystemA Study on Data Mining Based Intrusion Detection System
A Study on Data Mining Based Intrusion Detection System
 
Intrusion detection using data mining
Intrusion detection using data miningIntrusion detection using data mining
Intrusion detection using data mining
 
Cloudslam09:Building a Cloud Computing Analysis System for Intrusion Detection
Cloudslam09:Building a Cloud Computing Analysis System for Intrusion DetectionCloudslam09:Building a Cloud Computing Analysis System for Intrusion Detection
Cloudslam09:Building a Cloud Computing Analysis System for Intrusion Detection
 
Network Security Data Visualization
Network Security Data VisualizationNetwork Security Data Visualization
Network Security Data Visualization
 
A Survey on Cloud-Based IP Trace Back Framework
A Survey on Cloud-Based IP Trace Back FrameworkA Survey on Cloud-Based IP Trace Back Framework
A Survey on Cloud-Based IP Trace Back Framework
 
Intrusion Detection
Intrusion DetectionIntrusion Detection
Intrusion Detection
 
Deep Learning based Threat / Intrusion detection system
Deep Learning based Threat / Intrusion detection systemDeep Learning based Threat / Intrusion detection system
Deep Learning based Threat / Intrusion detection system
 
Whitepaper: Network Penetration Testing - Happiest Minds
Whitepaper: Network Penetration Testing - Happiest MindsWhitepaper: Network Penetration Testing - Happiest Minds
Whitepaper: Network Penetration Testing - Happiest Minds
 
Survey on classification techniques for intrusion detection
Survey on classification techniques for intrusion detectionSurvey on classification techniques for intrusion detection
Survey on classification techniques for intrusion detection
 
Threat hunting for Beginners
Threat hunting for BeginnersThreat hunting for Beginners
Threat hunting for Beginners
 
Exploring the Social Engineering Toolkit (Set) Using Backtrack 5R3
Exploring the Social Engineering Toolkit (Set) Using Backtrack 5R3Exploring the Social Engineering Toolkit (Set) Using Backtrack 5R3
Exploring the Social Engineering Toolkit (Set) Using Backtrack 5R3
 
Cyber Defense Forensic Analyst - Real World Hands-on Examples
Cyber Defense Forensic Analyst - Real World Hands-on ExamplesCyber Defense Forensic Analyst - Real World Hands-on Examples
Cyber Defense Forensic Analyst - Real World Hands-on Examples
 
Cissp actual exam
Cissp actual examCissp actual exam
Cissp actual exam
 
Analysis and Design for Intrusion Detection System Based on Data Mining
Analysis and Design for Intrusion Detection System Based on Data MiningAnalysis and Design for Intrusion Detection System Based on Data Mining
Analysis and Design for Intrusion Detection System Based on Data Mining
 
IRJET- Penetration Testing using Metasploit Framework: An Ethical Approach
IRJET- Penetration Testing using Metasploit Framework: An Ethical ApproachIRJET- Penetration Testing using Metasploit Framework: An Ethical Approach
IRJET- Penetration Testing using Metasploit Framework: An Ethical Approach
 
IRJET- Netreconner: An Innovative Method to Intrusion Detection using Regular...
IRJET- Netreconner: An Innovative Method to Intrusion Detection using Regular...IRJET- Netreconner: An Innovative Method to Intrusion Detection using Regular...
IRJET- Netreconner: An Innovative Method to Intrusion Detection using Regular...
 
Strata 2015 Presentation -- Detecting Lateral Movement
Strata 2015 Presentation -- Detecting Lateral Movement Strata 2015 Presentation -- Detecting Lateral Movement
Strata 2015 Presentation -- Detecting Lateral Movement
 
4
44
4
 
CONTROLLING IP FALSIFYING USING REALISTIC SIMULATION
CONTROLLING IP FALSIFYING USING REALISTIC SIMULATIONCONTROLLING IP FALSIFYING USING REALISTIC SIMULATION
CONTROLLING IP FALSIFYING USING REALISTIC SIMULATION
 

Similar to Sec 572 Effective Communication / snaptutorial.com

ScenarioSummaryIn this lab, you will explore at least one IDS, IP.docx
ScenarioSummaryIn this lab, you will explore at least one IDS, IP.docxScenarioSummaryIn this lab, you will explore at least one IDS, IP.docx
ScenarioSummaryIn this lab, you will explore at least one IDS, IP.docx
ronnasleightholm
 
Insight Brief: Security Analytics to Identify the 12 Indicators of Compromise
Insight Brief: Security Analytics to Identify the 12 Indicators of CompromiseInsight Brief: Security Analytics to Identify the 12 Indicators of Compromise
Insight Brief: Security Analytics to Identify the 12 Indicators of Compromise
21CT Inc.
 
Cst 630 Extraordinary Success/newtonhelp.com
Cst 630 Extraordinary Success/newtonhelp.comCst 630 Extraordinary Success/newtonhelp.com
Cst 630 Extraordinary Success/newtonhelp.com
amaranthbeg113
 
Cst 630 Motivated Minds/newtonhelp.com
Cst 630 Motivated Minds/newtonhelp.comCst 630 Motivated Minds/newtonhelp.com
Cst 630 Motivated Minds/newtonhelp.com
amaranthbeg53
 
Cst 630 Education is Power/newtonhelp.com
Cst 630 Education is Power/newtonhelp.comCst 630 Education is Power/newtonhelp.com
Cst 630 Education is Power/newtonhelp.com
amaranthbeg73
 
Are you ready for the next attack? Reviewing the SP Security Checklist
Are you ready for the next attack? Reviewing the SP Security ChecklistAre you ready for the next attack? Reviewing the SP Security Checklist
Are you ready for the next attack? Reviewing the SP Security Checklist
APNIC
 
Are you ready for the next attack? reviewing the sp security checklist (apnic...
Are you ready for the next attack? reviewing the sp security checklist (apnic...Are you ready for the next attack? reviewing the sp security checklist (apnic...
Are you ready for the next attack? reviewing the sp security checklist (apnic...
Barry Greene
 
Cis 333 Education Redefined - snaptutorial.com
Cis 333 Education Redefined - snaptutorial.comCis 333 Education Redefined - snaptutorial.com
Cis 333 Education Redefined - snaptutorial.com
DavisMurphyC75
 
Vulnerability threat and attack
Vulnerability threat and attackVulnerability threat and attack
Vulnerability threat and attack
newbie2019
 
Network Security
Network SecurityNetwork Security
Network Security
United Nations Development Program
 
Honeypot Essentials
Honeypot EssentialsHoneypot Essentials
Honeypot Essentials
Anton Chuvakin
 
SOC Analyst Guide For Beginners SOC analysts work as members of a managed sec...
SOC Analyst Guide For Beginners SOC analysts work as members of a managed sec...SOC Analyst Guide For Beginners SOC analysts work as members of a managed sec...
SOC Analyst Guide For Beginners SOC analysts work as members of a managed sec...
Varun Mithran
 
Include at least 250 words in your posting and at least 250 words in
Include at least 250 words in your posting and at least 250 words inInclude at least 250 words in your posting and at least 250 words in
Include at least 250 words in your posting and at least 250 words in
maribethy2y
 
Certified Ethical Hacking
Certified Ethical HackingCertified Ethical Hacking
Certified Ethical Hacking
Jennifer Wood
 
Defense mechanism for d do s attack through machine learning
Defense mechanism for d do s attack through machine learningDefense mechanism for d do s attack through machine learning
Defense mechanism for d do s attack through machine learning
eSAT Publishing House
 
Defense mechanism for ddos attack through machine learning
Defense mechanism for ddos attack through machine learningDefense mechanism for ddos attack through machine learning
Defense mechanism for ddos attack through machine learning
eSAT Journals
 
CMST&210 Pillow talk Position 1 Why do you think you may.docx
CMST&210 Pillow talk Position 1 Why do you think you may.docxCMST&210 Pillow talk Position 1 Why do you think you may.docx
CMST&210 Pillow talk Position 1 Why do you think you may.docx
mccormicknadine86
 
Ethical Hacking Interview Questions and Answers.pdf
Ethical Hacking Interview Questions and Answers.pdfEthical Hacking Interview Questions and Answers.pdf
Ethical Hacking Interview Questions and Answers.pdf
ShivamSharma909
 
Web Attack Survival Guide
Web Attack Survival GuideWeb Attack Survival Guide
Web Attack Survival Guide
- Mark - Fullbright
 
Honeypot Methods and Applications
Honeypot Methods and ApplicationsHoneypot Methods and Applications
Honeypot Methods and Applications
ijtsrd
 

Similar to Sec 572 Effective Communication / snaptutorial.com (20)

ScenarioSummaryIn this lab, you will explore at least one IDS, IP.docx
ScenarioSummaryIn this lab, you will explore at least one IDS, IP.docxScenarioSummaryIn this lab, you will explore at least one IDS, IP.docx
ScenarioSummaryIn this lab, you will explore at least one IDS, IP.docx
 
Insight Brief: Security Analytics to Identify the 12 Indicators of Compromise
Insight Brief: Security Analytics to Identify the 12 Indicators of CompromiseInsight Brief: Security Analytics to Identify the 12 Indicators of Compromise
Insight Brief: Security Analytics to Identify the 12 Indicators of Compromise
 
Cst 630 Extraordinary Success/newtonhelp.com
Cst 630 Extraordinary Success/newtonhelp.comCst 630 Extraordinary Success/newtonhelp.com
Cst 630 Extraordinary Success/newtonhelp.com
 
Cst 630 Motivated Minds/newtonhelp.com
Cst 630 Motivated Minds/newtonhelp.comCst 630 Motivated Minds/newtonhelp.com
Cst 630 Motivated Minds/newtonhelp.com
 
Cst 630 Education is Power/newtonhelp.com
Cst 630 Education is Power/newtonhelp.comCst 630 Education is Power/newtonhelp.com
Cst 630 Education is Power/newtonhelp.com
 
Are you ready for the next attack? Reviewing the SP Security Checklist
Are you ready for the next attack? Reviewing the SP Security ChecklistAre you ready for the next attack? Reviewing the SP Security Checklist
Are you ready for the next attack? Reviewing the SP Security Checklist
 
Are you ready for the next attack? reviewing the sp security checklist (apnic...
Are you ready for the next attack? reviewing the sp security checklist (apnic...Are you ready for the next attack? reviewing the sp security checklist (apnic...
Are you ready for the next attack? reviewing the sp security checklist (apnic...
 
Cis 333 Education Redefined - snaptutorial.com
Cis 333 Education Redefined - snaptutorial.comCis 333 Education Redefined - snaptutorial.com
Cis 333 Education Redefined - snaptutorial.com
 
Vulnerability threat and attack
Vulnerability threat and attackVulnerability threat and attack
Vulnerability threat and attack
 
Network Security
Network SecurityNetwork Security
Network Security
 
Honeypot Essentials
Honeypot EssentialsHoneypot Essentials
Honeypot Essentials
 
SOC Analyst Guide For Beginners SOC analysts work as members of a managed sec...
SOC Analyst Guide For Beginners SOC analysts work as members of a managed sec...SOC Analyst Guide For Beginners SOC analysts work as members of a managed sec...
SOC Analyst Guide For Beginners SOC analysts work as members of a managed sec...
 
Include at least 250 words in your posting and at least 250 words in
Include at least 250 words in your posting and at least 250 words inInclude at least 250 words in your posting and at least 250 words in
Include at least 250 words in your posting and at least 250 words in
 
Certified Ethical Hacking
Certified Ethical HackingCertified Ethical Hacking
Certified Ethical Hacking
 
Defense mechanism for d do s attack through machine learning
Defense mechanism for d do s attack through machine learningDefense mechanism for d do s attack through machine learning
Defense mechanism for d do s attack through machine learning
 
Defense mechanism for ddos attack through machine learning
Defense mechanism for ddos attack through machine learningDefense mechanism for ddos attack through machine learning
Defense mechanism for ddos attack through machine learning
 
CMST&210 Pillow talk Position 1 Why do you think you may.docx
CMST&210 Pillow talk Position 1 Why do you think you may.docxCMST&210 Pillow talk Position 1 Why do you think you may.docx
CMST&210 Pillow talk Position 1 Why do you think you may.docx
 
Ethical Hacking Interview Questions and Answers.pdf
Ethical Hacking Interview Questions and Answers.pdfEthical Hacking Interview Questions and Answers.pdf
Ethical Hacking Interview Questions and Answers.pdf
 
Web Attack Survival Guide
Web Attack Survival GuideWeb Attack Survival Guide
Web Attack Survival Guide
 
Honeypot Methods and Applications
Honeypot Methods and ApplicationsHoneypot Methods and Applications
Honeypot Methods and Applications
 

Recently uploaded

How to Manage Your Lost Opportunities in Odoo 17 CRM
How to Manage Your Lost Opportunities in Odoo 17 CRMHow to Manage Your Lost Opportunities in Odoo 17 CRM
How to Manage Your Lost Opportunities in Odoo 17 CRM
Celine George
 
The basics of sentences session 5pptx.pptx
The basics of sentences session 5pptx.pptxThe basics of sentences session 5pptx.pptx
The basics of sentences session 5pptx.pptx
heathfieldcps1
 
How to Build a Module in Odoo 17 Using the Scaffold Method
How to Build a Module in Odoo 17 Using the Scaffold MethodHow to Build a Module in Odoo 17 Using the Scaffold Method
How to Build a Module in Odoo 17 Using the Scaffold Method
Celine George
 
A Survey of Techniques for Maximizing LLM Performance.pptx
A Survey of Techniques for Maximizing LLM Performance.pptxA Survey of Techniques for Maximizing LLM Performance.pptx
A Survey of Techniques for Maximizing LLM Performance.pptx
thanhdowork
 
ISO/IEC 27001, ISO/IEC 42001, and GDPR: Best Practices for Implementation and...
ISO/IEC 27001, ISO/IEC 42001, and GDPR: Best Practices for Implementation and...ISO/IEC 27001, ISO/IEC 42001, and GDPR: Best Practices for Implementation and...
ISO/IEC 27001, ISO/IEC 42001, and GDPR: Best Practices for Implementation and...
PECB
 
Introduction to AI for Nonprofits with Tapp Network
Introduction to AI for Nonprofits with Tapp NetworkIntroduction to AI for Nonprofits with Tapp Network
Introduction to AI for Nonprofits with Tapp Network
TechSoup
 
Pride Month Slides 2024 David Douglas School District
Pride Month Slides 2024 David Douglas School DistrictPride Month Slides 2024 David Douglas School District
Pride Month Slides 2024 David Douglas School District
David Douglas School District
 
ANATOMY AND BIOMECHANICS OF HIP JOINT.pdf
ANATOMY AND BIOMECHANICS OF HIP JOINT.pdfANATOMY AND BIOMECHANICS OF HIP JOINT.pdf
ANATOMY AND BIOMECHANICS OF HIP JOINT.pdf
Priyankaranawat4
 
বাংলাদেশ অর্থনৈতিক সমীক্ষা (Economic Review) ২০২৪ UJS App.pdf
বাংলাদেশ অর্থনৈতিক সমীক্ষা (Economic Review) ২০২৪ UJS App.pdfবাংলাদেশ অর্থনৈতিক সমীক্ষা (Economic Review) ২০২৪ UJS App.pdf
বাংলাদেশ অর্থনৈতিক সমীক্ষা (Economic Review) ২০২৪ UJS App.pdf
eBook.com.bd (প্রয়োজনীয় বাংলা বই)
 
Natural birth techniques - Mrs.Akanksha Trivedi Rama University
Natural birth techniques - Mrs.Akanksha Trivedi Rama UniversityNatural birth techniques - Mrs.Akanksha Trivedi Rama University
Natural birth techniques - Mrs.Akanksha Trivedi Rama University
Akanksha trivedi rama nursing college kanpur.
 
clinical examination of hip joint (1).pdf
clinical examination of hip joint (1).pdfclinical examination of hip joint (1).pdf
clinical examination of hip joint (1).pdf
Priyankaranawat4
 
Liberal Approach to the Study of Indian Politics.pdf
Liberal Approach to the Study of Indian Politics.pdfLiberal Approach to the Study of Indian Politics.pdf
Liberal Approach to the Study of Indian Politics.pdf
WaniBasim
 
MARY JANE WILSON, A “BOA MÃE” .
MARY JANE WILSON, A “BOA MÃE” .MARY JANE WILSON, A “BOA MÃE” .
MARY JANE WILSON, A “BOA MÃE” .
Colégio Santa Teresinha
 
Assessment and Planning in Educational technology.pptx
Assessment and Planning in Educational technology.pptxAssessment and Planning in Educational technology.pptx
Assessment and Planning in Educational technology.pptx
Kavitha Krishnan
 
Hindi varnamala | hindi alphabet PPT.pdf
Hindi varnamala | hindi alphabet PPT.pdfHindi varnamala | hindi alphabet PPT.pdf
Hindi varnamala | hindi alphabet PPT.pdf
Dr. Mulla Adam Ali
 
Executive Directors Chat Leveraging AI for Diversity, Equity, and Inclusion
Executive Directors Chat Leveraging AI for Diversity, Equity, and InclusionExecutive Directors Chat Leveraging AI for Diversity, Equity, and Inclusion
Executive Directors Chat Leveraging AI for Diversity, Equity, and Inclusion
TechSoup
 
Top five deadliest dog breeds in America
Top five deadliest dog breeds in AmericaTop five deadliest dog breeds in America
Top five deadliest dog breeds in America
Bisnar Chase Personal Injury Attorneys
 
The Diamonds of 2023-2024 in the IGRA collection
The Diamonds of 2023-2024 in the IGRA collectionThe Diamonds of 2023-2024 in the IGRA collection
The Diamonds of 2023-2024 in the IGRA collection
Israel Genealogy Research Association
 
CACJapan - GROUP Presentation 1- Wk 4.pdf
CACJapan - GROUP Presentation 1- Wk 4.pdfCACJapan - GROUP Presentation 1- Wk 4.pdf
CACJapan - GROUP Presentation 1- Wk 4.pdf
camakaiclarkmusic
 
Digital Artifact 1 - 10VCD Environments Unit
Digital Artifact 1 - 10VCD Environments UnitDigital Artifact 1 - 10VCD Environments Unit
Digital Artifact 1 - 10VCD Environments Unit
chanes7
 

Recently uploaded (20)

How to Manage Your Lost Opportunities in Odoo 17 CRM
How to Manage Your Lost Opportunities in Odoo 17 CRMHow to Manage Your Lost Opportunities in Odoo 17 CRM
How to Manage Your Lost Opportunities in Odoo 17 CRM
 
The basics of sentences session 5pptx.pptx
The basics of sentences session 5pptx.pptxThe basics of sentences session 5pptx.pptx
The basics of sentences session 5pptx.pptx
 
How to Build a Module in Odoo 17 Using the Scaffold Method
How to Build a Module in Odoo 17 Using the Scaffold MethodHow to Build a Module in Odoo 17 Using the Scaffold Method
How to Build a Module in Odoo 17 Using the Scaffold Method
 
A Survey of Techniques for Maximizing LLM Performance.pptx
A Survey of Techniques for Maximizing LLM Performance.pptxA Survey of Techniques for Maximizing LLM Performance.pptx
A Survey of Techniques for Maximizing LLM Performance.pptx
 
ISO/IEC 27001, ISO/IEC 42001, and GDPR: Best Practices for Implementation and...
ISO/IEC 27001, ISO/IEC 42001, and GDPR: Best Practices for Implementation and...ISO/IEC 27001, ISO/IEC 42001, and GDPR: Best Practices for Implementation and...
ISO/IEC 27001, ISO/IEC 42001, and GDPR: Best Practices for Implementation and...
 
Introduction to AI for Nonprofits with Tapp Network
Introduction to AI for Nonprofits with Tapp NetworkIntroduction to AI for Nonprofits with Tapp Network
Introduction to AI for Nonprofits with Tapp Network
 
Pride Month Slides 2024 David Douglas School District
Pride Month Slides 2024 David Douglas School DistrictPride Month Slides 2024 David Douglas School District
Pride Month Slides 2024 David Douglas School District
 
ANATOMY AND BIOMECHANICS OF HIP JOINT.pdf
ANATOMY AND BIOMECHANICS OF HIP JOINT.pdfANATOMY AND BIOMECHANICS OF HIP JOINT.pdf
ANATOMY AND BIOMECHANICS OF HIP JOINT.pdf
 
বাংলাদেশ অর্থনৈতিক সমীক্ষা (Economic Review) ২০২৪ UJS App.pdf
বাংলাদেশ অর্থনৈতিক সমীক্ষা (Economic Review) ২০২৪ UJS App.pdfবাংলাদেশ অর্থনৈতিক সমীক্ষা (Economic Review) ২০২৪ UJS App.pdf
বাংলাদেশ অর্থনৈতিক সমীক্ষা (Economic Review) ২০২৪ UJS App.pdf
 
Natural birth techniques - Mrs.Akanksha Trivedi Rama University
Natural birth techniques - Mrs.Akanksha Trivedi Rama UniversityNatural birth techniques - Mrs.Akanksha Trivedi Rama University
Natural birth techniques - Mrs.Akanksha Trivedi Rama University
 
clinical examination of hip joint (1).pdf
clinical examination of hip joint (1).pdfclinical examination of hip joint (1).pdf
clinical examination of hip joint (1).pdf
 
Liberal Approach to the Study of Indian Politics.pdf
Liberal Approach to the Study of Indian Politics.pdfLiberal Approach to the Study of Indian Politics.pdf
Liberal Approach to the Study of Indian Politics.pdf
 
MARY JANE WILSON, A “BOA MÃE” .
MARY JANE WILSON, A “BOA MÃE” .MARY JANE WILSON, A “BOA MÃE” .
MARY JANE WILSON, A “BOA MÃE” .
 
Assessment and Planning in Educational technology.pptx
Assessment and Planning in Educational technology.pptxAssessment and Planning in Educational technology.pptx
Assessment and Planning in Educational technology.pptx
 
Hindi varnamala | hindi alphabet PPT.pdf
Hindi varnamala | hindi alphabet PPT.pdfHindi varnamala | hindi alphabet PPT.pdf
Hindi varnamala | hindi alphabet PPT.pdf
 
Executive Directors Chat Leveraging AI for Diversity, Equity, and Inclusion
Executive Directors Chat Leveraging AI for Diversity, Equity, and InclusionExecutive Directors Chat Leveraging AI for Diversity, Equity, and Inclusion
Executive Directors Chat Leveraging AI for Diversity, Equity, and Inclusion
 
Top five deadliest dog breeds in America
Top five deadliest dog breeds in AmericaTop five deadliest dog breeds in America
Top five deadliest dog breeds in America
 
The Diamonds of 2023-2024 in the IGRA collection
The Diamonds of 2023-2024 in the IGRA collectionThe Diamonds of 2023-2024 in the IGRA collection
The Diamonds of 2023-2024 in the IGRA collection
 
CACJapan - GROUP Presentation 1- Wk 4.pdf
CACJapan - GROUP Presentation 1- Wk 4.pdfCACJapan - GROUP Presentation 1- Wk 4.pdf
CACJapan - GROUP Presentation 1- Wk 4.pdf
 
Digital Artifact 1 - 10VCD Environments Unit
Digital Artifact 1 - 10VCD Environments UnitDigital Artifact 1 - 10VCD Environments Unit
Digital Artifact 1 - 10VCD Environments Unit
 

Sec 572 Effective Communication / snaptutorial.com

  • 1. SEC 572 Week 1 iLab Denial of Service Attacks For more classes visit www.snaptutorial.com SEC 572 Week 1 iLab Denial of Service Attacks In this lab, you will discover and analyze one of two different real network attacks. This will give you insight into the motivation, vulnerabilities, threats, and countermeasures associated with your selected network attack. There are two categories of network attacks you will be concerned with this week. The first is a network denial of service (DoS) attack, and the second is a targeted attack on a network device connected to the network. You will also discover the distributed denial of service (DDoS) attack and you may use that one as well. The key difference between a DoS and a DDoS attack is that the DDoS attack is launched towards the target from numerous source locations. A botnet attack is an example of a DDoS attack. Your goal is to select a specific instance of one type of attack and provide a managerial-style awareness document. Assume that you are delivering your analysis to business or government managers who have a general understanding of network communications. The reason for the choice of two different attacks is to allow you to select a broad or narrow focus for your work. This will also give you a high probability of discovering a very current attack. In general, the network denial of service attack may significantly diminish the network's ability to properly communicate. The result will be a loss of service, such as the inability to access a website's home page. The DoS attacks have ranged from a large global
  • 2. footprint to a specific target network endpoint. For example, the SQL slammer worm was a global DoS attack, lasting for days and requiring server modifications. In contrast, selected websites were shut down by hacker groups, such as the hacktivist collective Anonymous, requiring support from the ISPs and firewall vendors. The targeted attack on a network device can result in a DoS as well, but it uses the current network to deliver the destructive payload to the target system. For example, a SQL injection attack's target is the database server, with the Internet and the corporate network actually delivering the destructive payload to the target. Furthermore, this type of attack may leave the network functional because it uses it to propagate to other devices or uses the victim's network to launch other attacks. Each section of your report may require 1–6 sentences to properly address the topic. For example, the attack discovery and resolution dates will be one sentence, whereas the synopsis of the attack will require about six sentences. Your primary goal is to provide the reader valuable information about the attack. Lab Document Framework • Name of the attack • Attack discovery and resolution dates • Synopsis of the attack • Vulnerable target(s) for the attack and likely victims • Probable motivation(s) of the attack • Probable creators of the attack • Deployment, propagation, or release strategy of the attack • Published countermeasures against the attack • Published recovery techniques used to return to normal operations after the attack • Recommended incident reporting measures • Citations and resources used in this report ******************************************************************************* SEC 572 Week 2 Network Security
  • 3. For more classes visit www.snaptutorial.com SEC 572 Week 2 Network Security ******************************************************************************* SEC 572 Week 3 iLab MD5 Best and Worst Use Cases For more classes visit www.snaptutorial.com SEC 572 Week 3 iLab MD5 Best and Worst Use Cases In this lab, you will explore the best and worst use of a popular message digest algorithm. For this one, we shall focus on MD5, but all of this can be applied to the other ones, such as SHA-1. In the best use portion, you will discover and outline a specific implementation of the MD5 algorithm, where it provides high value and a very low security risk. In contrast, in the worst use portion, you will attempt to crack an MD5 hash (this is ethical hacking) and suggest a scenario where the worst use practice may actually be implemented. The reason for this lab is to give you an understanding of how cryptography can be properly and improperly used and how changes in technology may serve to weaken trusted cryptographic applications.
  • 4. Best Use of MD5 or SHA-1: Outline a scenario where the MD5 or SHA-1 algorithms are put to good and proper use. Start by stating what the algorithm does and give a use case where either MD5 or SHA-1 has a best fit condition. It is generally about 5–10 sentences. Ethical Hacking of MD5: Copy the following text into your lab document and fill in the blanks. MD5 Hash 1: 4eefef62c45d66f55d89c515d8352c5c Input was: _____ MD5 Hash 2: 5f4dcc3b5aa765d61d8327deb882cf99 Input was: _____ MD5 Hash 3: d6a6bc0db10694a2d90e3a69648f3a03 Input was: _____ Worst Use of MD5 or SHA-1: Outline a scenario where the MD5 or SHA-1 algorithms are put to poor or improper use. Start by stating what improper assumptions were made and how it did (or could) lead to a security compromise. It is generally about 5–10 sentences. Citations and Resources Used in This Report: Tell us where you received external guidance and ideas. If you have presented original ideas, then give yourself credit, and tell us why you believe it is correct. ******************************************************************************* SEC 572 Week 4 iLab Intrusion Detection Systems For more classes visit www.snaptutorial.com
  • 5. SEC 572 Week 4 iLab Intrusion Detection Systems Lab Document Framework The Target Network: Indicate the type of activities and data that it supports in a few sentences. For example, it is the website for an educational institution that holds personal academic and financial information, or it is the network used to control devices in a chemical plant. Use your imagination, but select something that is real and meaningful to you. The Protection System: Select one from the presented list (Step 2), or choose your own protection technology, if it is highly relevant. The Body of the Management Briefing Document: See the guidance in Step 3. It is generally about 4 to 10 paragraphs. Citations and Resources Used in this Report: Tell us where you received external guidance and ideas. If you have presented original ideas, then give yourself credit, and tell us why you believe it is correct. Step 1 Broadly outline the target network. Indicate the type of activities and data that it supports in a few sentences. Step 2 Select the protection system. Choose from one of the following. Intrusion detection system (IDS) Intrusion protection system (IPS) Research honeypot Active honeypot Offensive honeypot Step 3 Create a management briefing document that will inform senior decision makers about their options, vendors, products, relevant examples, and issues associated with your selected protection (from Step 2). If cost can be identified, then please include that information as well. It is generally about 4 to 10 paragraphs.
  • 6. In this lab, you will explore at least one IDS, IPS, or Honeypot currently offered by product vendors and cloud service providers. You will be making a security recommendation, related to the protection of a target network of your choice. There are a few different paths you may take in this lab, so let's address some of the distinguishing features and definitions that are out there. IDS and IPS Overview An intrusion detection system (IDS) generally detects and logs known intrusions or anomalous network activity. Generally, no real-time protection actually occurs, therefore false-positives create little or no damage. Optionally, suspicious network traffic can be routed to an alternate network, such as a honeypot. An intrusion protection system (IPS) generally detects, logs, and then blocks known intrusions or anomalous network activity. False- positives are an issue and will result in a self-inflicted denial of service condition. Optionally, suspicious network traffic can be routed to an alternate network, such as a honeypot. Honeypot Overview Honeypots come in several broad categories. The most common labels we apply to them are research honeypots, active honeypots, and offensive honeypots. They are designed to do what their label suggests, and here is a brief summary. Note: Seek qualified legal advice before deploying any type of honeypot. Research honeypots generally collect and analyze data about the attacks against a decoy-network. They can also route the attacker to new decoy-networks, to gather more details about the potential attacks. The data gathered are used to understand the attacks and strengthen the potential target networks. Active honeypots have many of the features found in a research honeypot, but they also hold special content that, once taken by the attackers, can be used as evidence by investigators and law enforcement. For example, active honeypots may have database servers containing a fake bank account or credit card information.
  • 7. Offensive honeypots are configured with many of the features of the active honeypots, with one interesting and dangerous addition: they are designed to damage the attacker. When used outside of your own network, this type of honeypot can result in vigilantism, attacks against false-targets, and may result in criminal charges against the honeypot operators. Offensive honeypots are not recommended for non-law-enforcement organizations. However, when used fully within your own network, this technique can detect and neutralize the attacker. Any of the above services can be implemented on a privately managed network, or through a cloud service. The selection of one platform over another will generally determine where the specific protection occurs—on your network or in the cloud. The reason for this lab is to give you an understanding of how special network technology can be used as a security research tool, while also providing varying degrees of protection. Each section will vary in size based on the requirements. Drive yourself to create a useful document for the direction you have selected. ******************************************************************************* SEC 572 Week 5 iLab VPN For more classes visit www.snaptutorial.com SEC 572 Week 5 iLab VPN
  • 8. Lab Document Framework • Potentially Acceptable VPN Solution:State the general characteristics of one solution that meets the security and user requirements. Name the vendor(s) and VPN services. It is generally about 3 sentences. • VPN Solution Overview:Outline the technical functionality and customer requirements of your first choice for a VPN service. This may take the form of a feature chart that is mapped to the requirements. Include any special conditions, limitations, or exceptions that exist. It is generally about 2 pages. • Network Design Illustration:Using a graphic illustration tool, such as Visio, document the logical design of your VPN solution. It is generally about 2 pages. • Citations and Resources Used in this Report:Tell us where you received external guidance and ideas. If you have presented original ideas, then give yourself credit and tell us why you believe it is correct. ******************************************************************************* SEC 572 Week 6 iLab For more classes visit www.snaptutorial.com SEC 572 iLab 6 Lab Document Framework • Requirements and Policies of the Secure Wireless Network:State the requirements and general security policies that will drive your design of a secure wireless network at the SOHO. It should be about 5–10 sentences or bullet points.
  • 9. • Secure Wireless Network Solution Overview:Outline the technical functionality and customer requirements of your secure wireless network. Tell us what the design can do. Include any special conditions, limitations, or exceptions that exist. It should be about 5– 10 sentences or bullet points. • Secure Wireless Network Design Illustration:Using a graphic illustration tool, such as Visio, document the logical design of your secure wireless network design. It should be about two pages. • Citations and Resources Used in This Report:Tell us where you received external guidance and ideas. If you have presented original ideas, give yourself credit, and tell us why you believe it is correct. During Week 2, you should have completed iLab 2 of 6: Best Practices for Securing a Wireless Network in a SOHO—The Policy Statement, Processes, and Procedures Guidelines. In this lab, you will explore, select, and justify the selection of a secure wireless network for that (iLab 2) SOHO environment. You shall actually identify the hardware and software needed to support the network security policies and user requirements. The reason for this lab is to allow you to experience the wireless network technology selection process while working with a typical set of requirements and the current industry offerings. Basic Wireless Network Requirements and Assumptions Consult your iLab 2 of 6: Best Practices for Securing a Wireless Network in a SOHO—The Policy Statement, Processes, and Procedures Guidelines for a foundation to your design requirements. Create your own user requirements that are reasonable and typical for a SOHO. *******************************************************************************
  • 10. • Secure Wireless Network Solution Overview:Outline the technical functionality and customer requirements of your secure wireless network. Tell us what the design can do. Include any special conditions, limitations, or exceptions that exist. It should be about 5– 10 sentences or bullet points. • Secure Wireless Network Design Illustration:Using a graphic illustration tool, such as Visio, document the logical design of your secure wireless network design. It should be about two pages. • Citations and Resources Used in This Report:Tell us where you received external guidance and ideas. If you have presented original ideas, give yourself credit, and tell us why you believe it is correct. During Week 2, you should have completed iLab 2 of 6: Best Practices for Securing a Wireless Network in a SOHO—The Policy Statement, Processes, and Procedures Guidelines. In this lab, you will explore, select, and justify the selection of a secure wireless network for that (iLab 2) SOHO environment. You shall actually identify the hardware and software needed to support the network security policies and user requirements. The reason for this lab is to allow you to experience the wireless network technology selection process while working with a typical set of requirements and the current industry offerings. Basic Wireless Network Requirements and Assumptions Consult your iLab 2 of 6: Best Practices for Securing a Wireless Network in a SOHO—The Policy Statement, Processes, and Procedures Guidelines for a foundation to your design requirements. Create your own user requirements that are reasonable and typical for a SOHO. *******************************************************************************