Network Security

Network Security

Part 1: Network Security Fundamentals

Nonrepudiation

Nonrepudiation is the ability to log and trace any performed action over a secured network, preventing a participant from denying it to act. Nonrepudiation is used in information assurance (IA) to manage information-related risks by protecting information on computers and servers from tampering with a third-party individual.

Antivirus software and IDPSs

Antivirus software and IDPSs are similar in that both use signatures to identify threats. The utilization of signature analysis begins with the software compiling and updating a database with popularly identified threats from suspicious websites. Therefore, the antivirus and IDPSs compare the detected potential threat’s signature against the identified threats’ database, suppose the signature matches any virus on the database. In that case, the computer is blocked from accessing the link, or the threat is eliminated before the computer accesses it (Wang & Long, 2020).

Access Control Method

The mandatory access control (MAC) method is a policy that assigns access rights to individuals based on a central authority. The policy works on the principle that information belongs to the organization, and as such, the organization is obligated to control the security policy (Sarker et al., 2020). The MAC method guarantees tight security because only a system administrator can access and alter the control mechanisms.

Part 2: The Goals of a Network Security Program

Five Goals of a Network

The first goal of a network security program is confidentiality. The goal of confidentiality entails all the activities undertaken to protect the organization’s precious data from being accessed by unauthorized parties. This ensures vital data is only available to the intended and authorized parties (Sarker et al., 2020). Accessibility to organization data is only permitted to authorized individuals. The second goal is integrity, which ensures that the data is not tampered with or degraded during or after submission. It guarantees that the data stored or received by the other party is original and has not been modified intentionally or unintentionally (He et al., 2021).

The third goal is availability, which means the information is available to authorized users when required. A system can guarantee the availability of the required information if it has proper security control mechanisms, communication channels, and computing capabilities. Accountability as the fourth goal entails employee understanding their generic responsibilities and being answerable for their actions (Sarker et al., 2020). Finally, assurance is the fifth goal that provides certainty that the security measures will prevent the organization’s data from falling into the wrong hands (Sarker et al., 2020).

Four Motivations That Compel Individuals and Groups to Attack a Network

The leading motivation is financial gain. The leading motivator is money, and getting access to money can be accessed with various methods. Due to the limited employment opportunities, hackers may resort to hacking the bank’s network or the login configurations to the account of a wealthy individual. They can then transfer the money through a complicated phishing technique and profit from these fishy deals (Nurse, 2018). The second motivation for individuals is gaining recognition locally, nationally, or even internationally. Some hackers desire to be recognized internationally by hacking a primary system globally.

The third motivation is political. Hackers desire to highlight the system vulnerabilities of large organizations. In other cases, some hackers may steal information and claim that they are practicing free speech, resulting in crashing a website with the deployment of a distributed denial of service (Nurse, 2018). Lastly, corporate espionage may motivate individuals to engage in network attacks. Corporate espionage involves attacks that permit an organization to gain an edge over competing firms in the same economic sector (Nurse, 2018). An organization may use the services of a hacker to acquire information on the location, customer data, pricing, and sales strategies.

Part 3: Attack Characteristics

Characteristics Used To Categorize Threat Levels of Attacks

The first attack characteristic of the level of threat an attack poses is malware. Malware is malicious software that includes ransomware, viruses, and spyware transferred to a system when a user clicks on a dangerous link or email address. When malware enters the network system, it can block access to vital network components, damage the system, and gather private information. The second attack characteristic is known as phishing. Phishing is when cybercriminals send malicious emails that may appear to be coming from legitimate sources. Users may be tempted to click on the link received, which may lead to the disclosure of vital information about the organization, such as bank credentials or login information.

The third attack characteristic is the denial of service attack that floods the system of the organization hence preventing it from fulfilling legitimate requests (Wang & Long, 2020). Hackers direct massive traffic to the organization’s network, derailing its functionality. Hackers can also use several infected devices to attack the targeted system. Finally, SQL injection is the final attack characteristic involving hackers gaining access to a system by uploading malicious SQL scripts (Wang & Long, 2020). Once hackers successfully upload the scripts, they can easily view, adjust, or delete data stored in the organization’s SQL database.

Target Value

Target value refers to a value that determines the quality characteristic that should be attained to guarantee sufficient security. Therefore, a source value is matched with the target value using the matching engine that compares the two figures. The two examples of target values are more prominent is better, and more minor is better. A larger, better target value is attained when an organization holds varied information in one software (Wang & Long, 2020). On the other hand, the smaller is better entails holding small fractions of information in different software settings.

References

He, R., Ai, B., Wang, G., Yang, M., Huang, C., & Zhong, Z. (2021). Wireless channel sparsity: Measurement, analysis, and exploitation in estimation. IEEE Wireless Communications, 28(4), 113-119.

Nurse, J. R. (2018). Cybercrime and you: How criminals attack and the human factors they seek to exploit. ArXiv preprint arXiv: 1811.06624. Retrieved on 24^th March 2022, from https://arxiv.org/pdf/1811.06624

Sarker, I. H., Furhad, M. H., & Nowrozy, R. (2021). Ai-driven cyber security: an overview, security intelligence modeling, and research directions. SN Computer Science, 2(3), 1-18. Retrieved on 24^th March 2022, from https://www.preprints.org/manuscript/202101.0457/download/final_file

Wang, M., & Long, Y. (2020, November). SM9 Digital Signature with Nonrepudiation. In 2020 16th International Conference on Computational Intelligence and Security (CIS) (pp. 356-361). IEEE. Retrieved on 24^th March 2022, from https://ieeexplore.ieee.org/abstract/document/9407486/

ORDER A PLAGIARISM-FREE PAPER HERE

We’ll write everything from scratch

Network Security

IT390-1: Discuss intrusion detection and incident response principles and concepts.

Part 1: Network Security Fundamentals

State your answer and briefly explain (50 words) each of the following three questions.

1. __________ is the ability to log and trace any performed action over a secured network, preventing a participant from denying it acted.
2. Antivirus software and IDPSs are similar in that both make use of ____________________ to identify threats.

1. Cookies

1. 1. Signatures
   2. Security patches
2. Which access control method relies on system administrators defining access in advance?
   1. Role-based access control (RBAC)
   2. Discretionary access control (DAC)
   3. Mandatory access control (MAC)

Part 2: The Goals of a Network Security Program

Answer and provide a 200-word explanation to each of the following two questions.

1. There are five goals of a network security program. Describe each.

1. Summarize the four motivations that compel individuals and groups to attack a network.

Part 3: Attack Characteristics

Consider the following and respond:

1. Four attack characteristics are used to categorize the level of threat an attack poses. Describe each (200 words)
2. What is meant by target value? Describe two target values. (100 words)