Computer and Network Security

In: Computers and Technology

Submitted By cannm82
Words 1760
Pages 8
Lab 2 and Assessment 2
Unit 2
Crystal McLey
Kaplan University

Lab 2
The three most common risk/threats/vulnerabilities that are commonly found in the user domain are: The “domain enterprise Server Management System (DESMS) in HP-UX allows local users to gain privileges” (CVE, 2013), If the domain user logs into the domain with a space at the end of the domain name it will cause an error and wont accurately download a system policy (CVE, 2013), and the domain user or admin have a guessable password in Windows NT (CVE, 2013).
In the first article it discusses the use of USB devices in the workplace. USB’s are used for transporting data from one computer to another. These allow for business requirements to be reached at a faster pace but they also pose a number of security challenges. Those challenges may be “disgruntled workers, careless users and malicious individuals” (Couture, 2009, p. 6).
Ways to migrate this issue is by gluing shut the ports, disable USB ports in BIOS, prevent users from installing a USB device by denying permission on files called usbstor.pnf and usbstor.inf, making USB ports read only, disable USB ports in Group Policy, or disable Autorun (Couture, 2009, p. 11).
In the second article it discusses the vulnerabilities of the BIOS. The BIOS performs power up test amongst the hardware components and memory and without this program the computer wouldn’t know what to do after it was turned on. The BIOS can be accessed by the use of backdoor passwords, cracking the BIOS password, deleting the contents of the CMOS RAM by software and/or hardware (Allgeuer, 2001, p. 4).
Ways to mitigate the risk of users accessing the BIOS is to use BIOS passwords to protect the BIOA configuration utility, for the more critical systems different BIOS password should be used than less critical systems, boot only from hard drives, computer cases should be…...

Similar Documents

Computer and Network Security

...Computer and Network security Problem statement Unauthorized Access “As the threat of unauthorized access grows companies and people continue to look for security to upgrade.” (Howard, 2009)``Unauthorized access'' is a very high-level term that can refer to a number of different sorts of attacks. The goal of these attacks is to access some resource that your machine should not provide the attacker. For example, a host might be a web server, and should provide anyone with requested web pages. However, that host should not provide command shell access without being sure that the person making such a request is someone who should get it, such as a local administrator. What network security is The history of network security “Sense the 1980’s networks have become more complex, so the need for security has become more complex.” (Mowers, 2006) The need for network security is a relatively new requirement. Prior to the 1980s most computers were not networked. It was not due to lack of desire to network them; it was more a result of the lack of technology. People or organizations could be interconnected over the shared network. It was no longer necessary to connect systems in a point-to-point configuration. Vulnerabilities were introduced with the deployment of this distributed environment utilizing shared, packet switched networks employing protocols such as TCP/IP and the concept of trusted systems. Systems on the network "trusted" each other. This situation was frequently...

Words: 1474 - Pages: 6

Network Security

...Case Study: Network Security Computer networks of every company have the potential to be exposed to dangers that have the potential to do great harm. Individuals could gain access to Windows and Unix/Linux servers to exploit the company’s vulnerabilities. Computer networks are not only vulnerable to outsiders, but employees also have the opportunity to compromise the system. An unprotected network would open the door for malicious activity that could damage the company’s system, compromise company and customer information, and cost a great amount of precious time and money. A breach in the network could have a negative impact on finances, privacy, and information. Securing the Windows and Unix/Linux servers within a company from shortcomings and vulnerabilities to potential threats by both outsiders and insiders is an absolute necessity. This is achieved by using technical measures and enforcing security policies. One reason it is important to secure the servers is potential of the insider threat. With 1,500 employees, the chance of an attack from the inside is elevated. The threat could come in the form of a disgruntled employee, by someone looking for gain, or by someone who unknowingly compromises the system. Conklin and White (2010) stated the following: One of the hardest threats that security professionals will have to address is that of the insider. Since employees already have access to the organization and its assets, additional mechanisms need to be in place to......

Words: 647 - Pages: 3

Computer Networks

...computer networks Table of Contents DECLARATION 2 INTRODUCTION 5 PURPOSE 5 NETWORK CRITERIA 6 Performance 6 Reliability 6 Security 6 TYPES OF NETWORK CONNECTION 6 NETWORK CLASSIFICATION 7 Connection method 7 Wired technologies 7 Wireless technologies 8 Scale 9 Personal Area Network 9 Local Area Network 9 Metropolitan Area Networks 10 Wide Area Network 10 Network Architecture 10 BASIC HARDWARE COMPONENTS 14 Network interface cards 14 Repeaters 14 Hubs 14 Bridges 15 Switches 15 Routers 15 Modem 16 CABLE STANDARD 16 Connectors and other information 16 Conductors required 17 Characteristics 17 ACCESS CONTROL METHODS 19 Token Based Access 19 Token priority 19 Carrier Sense Multiple Access with Collision Detection (CSMA/CD) 20 Collision detected procedure 20 INTRODUCTION A computer network, often simply referred to as a network, is a group of computers and devices interconnected by communications channels that facilitate communications among users and allows users to share resources. Networks may be classified according to a wide variety of characteristics. A computer network allows sharing of resources and information among interconnected devices. In the 1960s, the Advanced Research Projects Agency (ARPA) started funding the design of the Advanced Research Projects Agency Network (ARPANET) for the United States Department of Defense. It was the first computer network in the World.  Development of the......

Words: 5343 - Pages: 22

Computer Network & Information Security

...has focused on computer security of big businesses and how they have been breached, yet individuals do not stop and think about their own personal computer safety. Information can be stolen or damaged, access of personal computers can be gained without permission, viruses and worms can enter creating problems for a user, and our computers may be susceptible to cyber-attacks from hackers. Yet most computer users are new to the technology or do not realize the dangers at hand. This is why users need to learn how to keep their personal computer safe. To achieve a good level of security, there are many important elements that must be taken into account: authentication, access control, data integrity, content protection, etc. Information security can be obtained using methods such as cryptography and network protocols. Computer security is the process of detecting unauthorized use of your computer or PC. As the old saying goes “prevention is better than cure”, according to this we realize that if we learn about the possible loopholes in the security, then we can prevent it from occurring in the first place. But the big question is 'why should I care about my computer security?’. We use computers for everything from banking and investing to shopping and communicating with others through email or chat programs. Although we may not consider our communication a 'top secret', but you don’t want others to eavesdrop on you conversations, read your mails, use your computer to attack......

Words: 1454 - Pages: 6

Computer Network Security Lab 1

...protocol (ARP)? Address Resolution Protocol (ARP) is a protocol for mapping an Internet Protocol address (IP address) to a physical machine address that is recognized in the local network. 2. What is the purpose of the dynamic host control protocol (DHCP)? 3. DHCP (Dynamic Host Configuration Protocol) is a protocol that lets network administrators manage centrally and automate the assignment of IP (Internet Protocol) configurations on a computer network. 2 4. 3. Identify the DHCP allocated source IP host address for the vWorkstation desktop and the TargetWindows01 virtual server. 172.30.0.2 and 172.30.0.8 4. When you pinged the targeted IP host (172.30.0.8 or 172.30.0.200), what was the source IP address and destination IP address of the ICMP echo-request packet? 172.30.0.2 5. Did the targeted IP host respond to the ICMP echo-request packet with an ICMP echo-reply packet? If yes, how many ICMP echo-request packets were sent back to the IP source? Yes, each replied with 4 replies. 6. Find a TCP three-way handshake for a Telnet, FTP, or SSH session. What is the significance of the TCP three-way handshake? The three-way handshake is needed to establish a reliable connection. The handshake allows the server and client to agree on properties that provide for security as well as reliability 7. What was the SEQ# of the initial SYN TCP packet and ACK# of the SYN ACK TCP packet? SEQ# 0, ACK# 1 8. During the instructor’s Telnet......

Words: 386 - Pages: 2

Network Security

...Network security is the process of protecting the user from things that can potentially ruin a computer or leak information that other people should not have access to.Some things that can attack a network system include viruses,worms, as well as trojan horses, spyware along with adware,attacks called zero hour,attacks by hackers,denied service hacks,data interception and theft,and the last on being identity theft.In order for network security to work it needs to have both hardware as well as software to protect the network which is done with things such as anti virus and spyware software.It also needs a firewall which is responsible for blocking the unauthorized user from gaining access to the network.Intrusion prevention systems which are tasked with identifying attacks such as zero hour.The last thing to make network security work is a virtual local area network which provides secure remote access. By using these various methods of protecting the network it will benefit the businesses by receiving the customers trust in the company by making sure their privacy is protected in such ways as making sure things like credit card data or sensitive data is stolen and exploited.It also makes sure the network is secure even if it is being used by someone remotely as long as ......

Words: 4285 - Pages: 18

Network Security

...Network Security Clint Tipps September 21, 2014 ISSC340/ APUS Prof. Bryan Jensen Abstract This paper will cover several aspects of network security. Numerous different aspects of wired and wireless network security, including protocols applied to secure a network, penetration testing, digital forensics, and network hardening will be covered. There are numerous methods for providing security to a network, and even more to gain access to one. The challenge is to be one step ahead of anyone who may wish to penetrate the network. For this reason, many owners of large networks perform penetration testing in order to identify potential holes in their network. If malicious activity is detected, using digital forensics can help identify where the attack came from. This would, in turn, lead to a network engineer to harden the network against the identified threat. Network Security Over the last decade, computer systems have increased in speed and capacity while decreasing in price. Computers that where once used in corporate environments are now less powerful than a typical household computer. While this sea change occurred, network communications have grown and improved, to allow computers to communicate easily from remote locations, adding vast opportunities for illegal activities. Data can maliciously be changed or destroyed, systems can be made to malfunction and long distance charges can be avoided. One of the biggest challenges today is to control the security of......

Words: 3488 - Pages: 14

Wireless Networks & Network Security

...Wireless Networks & Network Security ISSC 340 Professor Vijay Venkatesh James Lange 08/13/2013 Wireless Networks are somewhat new technology in comparison to the know-how that makes them possible. The knowledge regarding wireless technology goes back about 200 years. One of the first individuals deserving recognition for today’s wireless networks is a scientist, inventor and politician named Benjamin Franklin. In 1747 he had built a model that showed how electricity could move through the air unaided by any type of wiring. In the early 1750’s Mr. Franklin started experimenting with electricity and the rest is history. Franklin was under the belief that lightening was an electrical current. So with the famous kite and key experiment he proved to himself and others that he was right. His fascination with electricity led him to later experiments with an electrical tube given to him by a friend. A second individual that played a part in today’s wireless technology is Hans Christian Oersted. In 1819 he had found that a compass needle had movement if it was presented with electrical current. This relationship between the needle and the electricity is an essential part of electromagnetism. It is said that this discovery by Oersted happened completely by chance. While preparing for one of his lectures he was setting up some of his equipment. The compass and battery were in close proximity to each other and the needle moved from magnetic north whenever the switch to......

Words: 3213 - Pages: 13

Network Security

...Nasario Birrueta IT 200: Milestone Three Network Security Network security is one of the most important aspects of implementing a fully functional working network, downtime caused by poor network security can cause major economic loses. The two matters that need to be addressed is the User and Physical equipment. Network security begins with the user. As such would implement a Network Use policy that the employee must sign and adhere to. The company network is to be used for work purposes only. All activity will be monitored and subjected to review by upper management. All users will use strong passwords that are at least 8 characters with upper case and at least one number and not to be shared not even to their immediate supervisors unless OK by IT and or upper management such as a VP or higher. All passwords will be monitored and subject to a monthly review and a password change. Users who do not need internet access will not have access to the internet, a warehouse employee would not need internet access to complete his job duties. But a purchasing employee would need to research for supply vendors that employee would need internet access. In a scenario where a warehouse employee needs internet access a password could be utilized that opens the internet for such these are often called Proxy server or a service that could be used is OpenDNS. At the network level all Personal computers will have the latest and greatest anti-virus software along with all...

Words: 569 - Pages: 3

Computer Network Security for Social Networking

...Computer Network Security for Social Networking McCray C. Devin Undergraduate Business, Leadership, Information System Technology Security Regent University 1000 Regent University dr. Virginia Beach, VA 23464 e-mail: devimcc@mail.regent.edu Abstract In this paper, I will address the security issues, flaws, and problems that social networking sites are faced with in retrospect to information that the sites hold. The Information is not protected from the public in any way, why is this a normal operation about the popular social media sites. Lastly I want to address the simplicity of gaining someone vital information through a protected individual’s social network profile. 1. Introduction In today’s society almost everyone has some type of social networking service that they hold an account with. These social networking sites are a great way to communicate, network, and interact with fellow colligates and friends. Facebook, Twitter, and Google plus are just a few social networking sites to mention. These sites all have a one factor authentication system for the user to log into their account (Beaver) .This simplistic authentication systems is very easy and efficient for the users accessing there accounts. The idea arose if it is this easy for me to log into my account how easy would it be for an outside party to gain access within my account. Companies are faced with the problem of convenience over security. (McCHale 12) In this paper I would like to......

Words: 2048 - Pages: 9

Network Security

...Network Security Network security is a serious matter. A network allows you to share you to share information and resources, but it also lets computer viruses, human intruders, or even disgruntled employees do far more damage they could on a single machine, imagine what would happened to a company if all is data vanish, then you would understand why network security is so important to a company. Network can be group into Local Area Network (LAN), Wide Area Networks, Internetwork (Internets) all these networks need security to prevent them from nonmalicous humans and malicious attackers, hackers who are after destroying people or causing harm to a company. However before we discuss network security it would be good if we start with having a little knowledge of what a network is. A “network” has been defined as “any set of interlinking lines resembling a net, a network of roads, an interconnected system, a network of alliances”. We can also define network as a collection of communication host. Having said a little about network we then try to know what computer security is all about. Computer security is the process of preventing and detecting unauthorized use of your computer. When we take about preventive measures it help you to stop unauthorized users from accessing any part of your computer system and detection helps you to determine whether or not someone attempted to break into your system. Network security can be defined “as the provision made in an underlying......

Words: 1259 - Pages: 6

Facebook Computer and Network Security

...Computer and Network Security Abstract Facebook began in 2004 as a kind of online directory for undergraduates at Harvard University, created and launched by Harvard students Mark Zuckerberg et al. Two months later, the site expanded to include other Ivy League schools. After that, the college network slowly grew and by the end of 2010, Facebook has over 500 million active users. Facebook is social networking. People have been “facebooking” each other for about 6 years now, making Facebook the most used social network worldwide. The purpose of this paper is to briefly describe Facebook’s history as well as also discuss Facebook’s inner working, covering its architecture and front/backend infrastructure, pretty much the nuts and bolts holding Facebook together. In closing, if looked past all of the features and innovations the main idea behind Facebook is really very basic, keeping people connected. Facebook realizes the power of social networking and is constantly innovating to keep their service the best in the business. Overview and Structure of the Organization Facebook is a social network service and website launched in February 2004 that is operated and privately owned by Facebook, Inc. As of July 2010, Facebook has more than 500 million active users, which is about one person for every fourteen in the world. Users may create a personal profile, add other users as friends and exchange messages, including automatic notifications when they update their profile.......

Words: 2589 - Pages: 11

Evaluating the Security of Computer Networks

...Evaluating the Security of Computer Networks Security in Systems Architecture and Applications SE579 2 Table of Contents Evaluating the Security of Computer Networks I. Vulnerabilities A. Design Flaws B. Poor Security Management C. Incorrect Implementation II. Firewalls A. Packet Filtering B. Circuit Level Gateway Proxy Server C. Application Gateway III. Antivirus A. Scans IV. Intrusion Detection Systems V. Disadvantages VI. Conclusion 3 One of the major computing challenges in today’s economy is the lack of adequate security over the information computer networks, and internet applications in which business, government, and economy depend on. Businesses have become more dependent on information. The gathering, organizing, managing, finding, and analyzing of information are crucial to businesses. Computer viruses created by hackers cost businesses $55 billion in 2003. In 2011, a single instance of hacking on the Play Station cost Sony more than $170 million, while Google lost $500,000 due to hacking in 2005.(Coyne) 2003 Single instances of hacking may cost as much as $600,000 to $7m a day......

Words: 2281 - Pages: 10

Network Security

...Importance of Security The Internet has undoubtedly become the largest public data network, enabling and facilitating both personal and business communications worldwide. The volume of traffic moving over the Internet, as well as corporate networks, is expanding exponentially every day. More and more communication is taking place via e-mail; mobile workers, telecommuters, and branch offices are using the Internet to remotely connect to their corporate networks; and commercial transactions completed over the Internet, via the World Wide Web, now account for large portions of corporate revenue. While the Internet has transformed and greatly improved the way we do business, this vast network and its associated technologies have opened the door to an increasing number of security threats from which corporations must protect themselves. Although network attacks are presumably more serious when they are inflicted upon businesses that store sensitive data, such as personal medical or financial records, the consequences of attacks on any entity range from mildly inconvenient to completely debilitating—important data can be lost, privacy can be violated, and several hours, or even days, of network downtime can ensue. Despite the costly risks of potential security breaches, the Internet can be one of the safest means by which to conduct business. For example, giving credit card information to a telemarketer over the phone or a waiter in a restaurant can be more risky than submitting......

Words: 3895 - Pages: 16

Network and Computers

...to a server in a network of computers that use the Windows NT Operating System. (Domain controller) Windows NT uses the thought of a domain to manage access to a set of network resources for a group of users. (Domain controller) The person only needs to log in, to gain access to the resources connected to the domain; but could be on any number of different servers in a network. The primary domain controller (which is one server) manages the master user database for the domain. (Domain controller) Backup domain controllers are one or more servers. The primary domain controller will send copies of the database periodically to the backup domain controllers. The backup domain controllers also steps in as the primary domain controller, when the primary domain controller server fails; to help keep the balance of the work if the network is busy. “In Windows NT, a domain combines some of the advantages of a workgroup (a group of users who exchange access to each other’s resources on different computers) and a directory (a group of users who are managed centrally by an administrator).” (Domain controller) The domain concept not only lets a person to obtain access to different resources that are on different servers, but it lets one domain to be given access to another domain in a trusted relationship. In this relationship, the person only needs to log into the first domain to gain access to the second domain. (Domain controller) “In a Windows NT network, not all......

Words: 1064 - Pages: 5

查看更多 | Code Black | Yu-Gi-Oh! Zexal