Scribd
Upload
9 views2 pages

Homework 03

English

Uploaded by

justmepeter98
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
9 views2 pages

Homework 03

English

Uploaded by

justmepeter98
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 2

NAME:

TODAY’S DATE:

ISEC 650 Homework 3


Please use APA style formatting.
Question 1
The network below belongs to a small-sized pharmaceutical company researching vaccines. The
methods and products developed in this company are at the target of state-sponsored hacker groups.

Although database server is the primary critical asset that stores intellectual property and webserver is
used to access the data by authorized users from the Internet, the attack surface includes all of the
assets you see in the figure.

Assets (Attack surface): Database server, user workstations, internal & DMZ switch, Webserver, DNS
server, firewall, router, and company employees.

As a result, hackers have been trying all possible ways of exploiting vulnerabilities in these assets.
Moreover, the activities of internal employees should also be observed, and it should be confirmed that
they follow the need-to-know principle and don’t perform malicious activities.

Select one of the following monitoring tools that also have strong network security monitoring
capabilities. Please carefully review the website of the software you chose.

1. Nagios
2. Cacti
3. Solarwinds

Explain how this network monitoring tool helps security administrators in detecting the following cases.
Feel free to provide the names of the modules/plugins/agents of the selected tool. Select at least three
attack case for your answer.

1) Hackers are scanning externally visible IP addresses of the company.


2) Hackers are performing vulnerability scanning of the web applications hosted on the webserver.
3) Hackers are trying to poison the cache of the DNS server.
4) Internal threats are installing malicious tools on their computers.
5) Internal threats are trying to access/dump/backup database.
6) Internal threats are launching man-in-the-middle (Arp cache poisoning) attack.
7) Intenral threats are accessing external malicious websites.

Question 2
You are the security administrator of this network; please draft a network operational procedure that
lists the steps of discovering one of the three malicious behaviors you selected in the previous question.
You can conduct research of existing procedures on the web.

Question 3 - Weekly Learning and Reflection


In two to three paragraphs of prose (i.e., sentences, not bullet lists) using APA style citations if needed,
summarize and interact with the content that was covered this week in class. In your summary, you
should highlight the major topics, theories, practices, and knowledge that were covered. Your summary
should also interact with the material through personal observations, reflections, and applications to the
field of study. In particular, highlight what surprised, enlightened, or otherwise engaged you. Make sure
to include at least one thing that you’re still confused about or ask a question about the content or the
field. In other words, you should think and write critically not just about what was presented but also
what you have learned through the session. Questions asked here will be summarized and answered
anonymously in the next class.

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy