Small Paper

  This will have to be completed by 5/11/15 9PM center standard time. If you can not meet that deadline please do not message me. Please be a original paper and use proper in text citations and APA style. Please make sure you complete the guidelines.   Scenario/Summary In this lab, you will discover and analyze one of two different real network attacks. This will give you insight into the motivation, vulnerabilities, threats, and countermeasures associated with your selected network attack. There are two categories of network attacks you will be concerned with this week. The first is a network denial of service (DoS) attack, and the second is a targeted attack on a network device connected to the network. You will also discover the distributed denial of service (DDoS) attack and you may use that one as well. The key difference between a DoS and a DDoS attack is that the DDoS attack is launched towards the target from numerous source locations. A botnet attack is an example of a DDoS attack. Your goal is to select a specific instance of one type of attack and provide a managerial-style awareness document. Assume that you are delivering your analysis to business or government managers who have a general understanding of network communications. The reason for the choice of two different attacks is to allow you to select a broad or narrow focus for your work. This will also give you a high probability of discovering a very current attack. In general, the network denial of service attack may significantly diminish the network’s ability to properly communicate. The result will be a loss of service, such as the inability to access a website’s home page. The DoS attacks have ranged from a large global footprint to a specific target network endpoint. For example, the SQL slammer worm was a global DoS attack, lasting for days and requiring server modifications. In contrast, selected websites were shut down by hacker groups, such as the hacktivist collective Anonymous, requiring support from the ISPs and firewall vendors. The targeted attack on a network device can result in a DoS as well, but it uses the current network to deliver the destructive payload to the target system. For example, a SQL injection attack’s target is the database server, with the Internet and the corporate network actually delivering the destructive payload to the target. Furthermore, this type of attack may leave the network functional because it uses it to propagate to other devices or uses the victim’s network to launch other attacks. Deliverables Document Authoring Guidelines Each section of your report may require 1–6 sentences to properly address the topic. For example, the attack discovery and resolution dates will be one sentence, whereas the synopsis of the attack will require about six sentences. Your primary goal is to provide the reader valuable information about the attack. Lab Document Framework Name of the attack Attack discovery and resolution dates Synopsis of the attack Vulnerable target(s) for the attack and likely victims Probable motivation(s) of the attack Probable creators of the attack Deployment, propagation, or release strategy of the attack Published countermeasures against the attack Published recovery techniques used to return to normal operations after the attack Recommended incident reporting measures Citations and resources used in this report Delivering Your Lab Document Organize your materials into a single comprehensive document. Name your document(s) so that the course ID, your full name, and this lab’s name are referenced. For example, include SEC572_FirstName_LastName_Lab1 in the file’s name. Your document must be readable with Microsoft Word 2007 (or prior), or a standard PDF file viewer. Submit your assignment to the Week 1 Dropbox located on the silver tab at the top of this page. See the Syllabus section “Due Dates for Assignments & Exams” for due date information. Use the Dropbox comment area to give your instructor an introduction, or to state any special information. iLAB STEPS Step 1 Back to Top Select either a denial-of-service or targeted attack on a network device for your lab assignment. Step 2 Back to Top Using any of the material cited in the suggested resources section below, develop a managerial-style awareness document, considering the following framework. You may modify this framework to deliver your message in a more effective manner, in certain cases. For example, if the attack has just surfaced within the past few days, you may not find much information about countermeasures or probable creators of the attack. Your document must be readable with Microsoft Word 2007 (or prior), or a standard PDF file viewer. STEP 3 Back to Top STEP 3: Develop wireless security “Processes and Procedures” guidelines for that network. STEP 4 Back to Top STEP 4: Organize your materials into a single comprehensive document. Name your document(s) such that the course ID, your full name and this lab’s name are referenced. For example, include “SEC572_FirstName_LastName_Lab2” in the file’s name. Your document must be readable with Microsoft Word 2007(or prior), or a standard PDF file viewer STEP 5 Back to Top STEP 5 – Deliver Your Lab Document: Submit your assignment to the Week 2 Dropbox located on the silver tab at the top of this page. (See the Syllabus section “Due Dates for Assignments & Exams” for due date information.) Use the Dropbox comment area to give your instructor an introduction, or state any special information. STEP #: Step Title Back to Top Lab Document Framework The SOHO Wireless Network: Describe the setting for the SOHO Wireless Network. Example: 5 person law office, size and layout and other details. Relevant physical conditions. Generally about 3 to 5 sentences, or bullet points. Key Network Requirements: Describe the key user, application and systems requirements. Example: What must the network provide and how will it be used. Identify special industry or regulatory requirements. Discuss bandwidth requirements, fault-tolerance, recovery goals, privacy needs, openness needs, etc. Generally about 5 to 10 sentences, or bullet points. Wireless Network Security Policy Statement: Outline a Wireless Network Security Policy Statement. This should address the key policies that must be respected. Generally 2 to 3 paragraphs, or 5 to 10 sentences, or 5 to 10 bullet points. Each statement is mapped to (highly related to) the requirements. Wireless Network Security Processes and Procedures Statement: Outline a Wireless Network Security Processes and Procedures Statement. This should address the key operational tasks that must be respected. Generally 5 to 10 “must do” statements and mapped to the requirements, or the Security Policy. Citations and Resources Used in this Report: Tell us where you received external guidance and ideas. If you have presented original ideas, than give yourself credit and tell us why you believe it will work. Suggested Resources Back to Top   Professional journals and security websites News media releases Vulnerability databases found on the Internet (See the examples below, but be aware that URLs do change without notice.) http://nvd.nist.gov/ http://www.securityfocus.com/vulnerabilities http://osvdb.org/ http://cve.mitre.org/ and http://cve.mitre.org/compatible/vulnerability_management.html http://secunia.com/community/advisories/historic/