Identifying Potential Malicious Attacks, Threats, and Vulnerabilities
Background
In Assignment 1, the company's existing network infrastructure was analyzed to identify the threats and vulnerabilities through which malicious activity could negatively affect the company's network. It was discussed that the biggest vulnerability to the computers, networks, and the data they hold comes from the actions of human beings, whether ignorant or malicious. A person who acts maliciously usually has a specific intention or goal behind the action. Computer hackers have employed several different malicious attacks to accomplish their objective of damaging an organization's computer network. The most vulnerable point of this videogame company's network is the Wireless Access Point (WAP). It is situated inside the local area network and is responsible for ensuring network security by protecting it with firewalls. It has just a single means of protection, namely its internal configuration.
This vulnerability exposes the network to a number of attacks, such as eavesdropping, brute-force, and snooping. Such attacks may be initiated through various attempts: denial-of-service attacks that deny service to authorized users, gaining access to the clients and servers, gaining access to back-door databases, installing Trojan horse software, and lastly installing software on the server that runs in sniffer mode in order to capture employees' user IDs and passkeys. The purpose of this assignment is to develop appropriate strategies and establish the required controls, making the relevant modifications to the network security plan to ensure that the systems remain secured against the identified risks and vulnerabilities.
Network Security Strategies and Controls
Configuration Management
Strong configuration management is the most essential step towards establishing an effective strategy for preventing and mitigating the risks and vulnerabilities identified in the network. Almost all of the identified risks and vulnerabilities can be dealt with by means of strong and effective configuration management, which encompasses:
Ensuring that every machine operational in the organization is running updated copies of the OS;
Ensuring that every patch is applied as it is shipped;
Ensuring that the configuration and service files are free from all serious holes, for instance, world-writable password files;
Ensuring that products, once installed, are free of any known default passkeys; and
Ensuring that an appropriate discipline in the organization backs up this entire procedure (Gollmann, 2010).
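The check for "serious holes" such as world-writable password files can be automated. The following is an added example, not part of the original assignment: it walks a configuration tree and reports files that any user can modify, including the less obvious case of a correctly restricted file sitting in a world-writable directory. The function names and the miniature sample tree are constructed for illustration.

```python
import os
import stat
import tempfile

def audit_world_writable(root):
    """Return sorted (relative_path, reason) findings for files under root."""
    findings = []
    for dirpath, _dirnames, filenames in os.walk(root, followlinks=False):
        dmode = os.lstat(dirpath).st_mode
        # A world-writable directory without the sticky bit lets any local
        # user delete or replace the files in it, whatever their own mode.
        dir_open = bool(dmode & stat.S_IWOTH) and not (dmode & stat.S_ISVTX)
        for name in filenames:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)
            if not stat.S_ISREG(st.st_mode):
                continue  # skip symlinks, sockets and device nodes
            rel = os.path.relpath(path, root)
            if st.st_mode & stat.S_IWOTH:
                findings.append((rel, "file is world-writable"))
            elif dir_open:
                findings.append(
                    (rel, "parent directory is world-writable without sticky bit"))
    return sorted(findings)

def build_sample_tree(root):
    """Constructed sample: a miniature /etc with one good and two bad entries."""
    etc = os.path.join(root, "etc")
    drop = os.path.join(etc, "app.d")
    os.makedirs(drop)
    samples = {
        os.path.join(etc, "passwd"): 0o666,         # world-writable password file
        os.path.join(etc, "shadow"): 0o600,         # correctly restricted
        os.path.join(drop, "service.conf"): 0o644,  # safe mode, unsafe directory
    }
    for path, mode in samples.items():
        with open(path, "w") as fh:
            fh.write("constructed sample\n")
        os.chmod(path, mode)  # chmod is not affected by the umask
    os.chmod(etc, 0o755)
    os.chmod(drop, 0o777)
    return root

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for rel, reason in audit_world_writable(build_sample_tree(tmp)):
            print(f"{rel}: {reason}")
```

Run on a schedule against the real configuration directories, a check like this gives the "appropriate discipline" item something concrete to enforce.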
Authentication and Authorization
Authentication controls would focus on verifying the device or person that attempts to gain access to the system. Authentication of the users could be carried out by validating:
Any physical characteristic, known as a “biometric identifier”, for instance, their voice or fingerprints;
Anything they hold, like ID badges or smart cards; and
Anything the user knows, like personal identification numbers (PINs) or ...