Free Samples
SIT735 Network Communications Security
.cms-body-content table{width:100%!important;} #subhidecontent{ position: relative;
overflow-x: auto;
width: 100%;}
SIT735 Network Communications Security
0 Download9 Pages / 2,179 Words
Course Code: SIT735
University: Deakin University
MyAssignmentHelp.com is not sponsored or endorsed by this college or university
Country: Australia
Questions:
Describe approaches to computer security including access control, identity verification and authentication in order to minimise cyber attacks on a system.
Compare and contrast different types of cryptography including current cryptographic algorithms and their applications.
Apply principles of public key cryptography to achieve secure communication networks by using digital certificates and digital signatures in compliance with industry standards.
Answers:
Introduction
The network security is the significant activity that is being designed for the proper protection of the integrity or usability of any data or network. The network security involves software as well as hardware technologies. The efficient and effective security of network helps in managing the network access (Wagner, Beimborn and Weitzel 2014). This eventually targets the variety of the security risks and thus stops these risks either from spreading or from entering into the network. This report will be providing a proper description on the famous and popular case study of the Comodo Certificate Authority Fraud Hack. The confidential information of clients is to be saved and for this purpose, a proper analysis is required with significant solutions.
Discussion
IT Security Problem
The security of computer or information technology is defined as the most vital protection of each and every computer system either from the theft or from damages to significant electronic data, software and hardware. The all types of disruption or misdirection of services can be easily stopped or mitigated (Brooks 2016). The security of information system eventually includes the management of the physical access to any type of hardware or software and also protecting against the damage or harm, which is caused through cost injection, malicious data and the network access. All the kinds of attacks or problems within the security of information technology are known as the IT security problems. The attacks are either intentional or accidental.
During 2011, the popular Comodo Certificate Fraud Hack has taken and each and every IT company was highly concerned for securing the data of that specific network. The contractor eventually maintains various networks of all these business clients. These clients have been receiving the payments from government for their services (Grimes 2018). To ensure the security and privacy of the sensitive information or data, the several measures are to taken as soon as possible. The several IT security attacks are highly threatening and thus the data has the tendency to lose that specific data.
Major IT Security Risks
The entire case of Comodo Certificate Fraud Hack, one of the Iranian hacker has duped the significant certificate authority for the purpose of issuing digital certificates into the unauthorized or unauthenticated parties (Laudon and Laudon 2016). This Iranian hacker had moved the critics for calling Mozilla as well as Microsoft to remove the Comodo as being the most authenticated as well as trusted certification authority. The hacker then generated the certificates for all famous and significant web sites such as Yahoo, Skype, Live.com and Google.
For the famous case study of hacking, several IT security risks that would be extremely dangerous for this company or information of the small business clients are as follows:
i) DDoS Attack: The most important security risk of information system or IS is the DDoS attack or distributed denial of service attack. The denial of service attacks are the types of attacks, in which any specific perpetrator can seek into a machine as well as network resource with the core purpose of making it unavailable for every intended and authorized users by eventually temporarily disrupting this within Internet connection (Castronova, A.M., Goodall and Ercan 2013). The DDoS attack or distributed denial of service attack is more dangerous than the denial of service attack, where the incoming traffic is flooded by the attacker and attacks could not be stopped.
ii) Eavesdropping: The second important and dangerous information technology and network security risk within this particular company is eavesdropping. This specific security risk majorly refers to the listening to any type of private conversation or communication without taking proper consent from the user. This is absolutely illegal or unethical within the cyber world (Dahlstrom, Walker and Dziuban 2013). All of these network types are vulnerable to the distributed denial of service attacks. The voice over internet protocol communication software can be termed as dangerous and threatening to electronic eavesdropping by various code injections such as Trojans. This company could be suffering from all the kinds of attacks as these hackers could be easily sneaking in to network with the purpose of accessing the sensitive information.
iii) Ransomware: Another important security threat to information technology is ransomware. The most vulnerable attack for the IT security, ransomware, where the information or devices are locked together and a ransom is demanded (Eason 2014). This specific vulnerability enables the victim to download malicious codes and hence the several types of vulnerabilities are spread by these codes. The most significant ransomware attack is WannaCry Ransomware attack in the month of May in 2017.
iv) Digital Certificate Threat: The fourth important type of security threat is digital certificate threat. This type of attack occurred in the case of Comodo Certificate Authority Fraud Hack. Digital certificate is defined as an electronic passport that allows organizations, persons and systems to exchange the sensitive data safely on the connectivity of Internet by taking the help of public key infrastructures of PKIs (Holtshouse 2013). This PKI is also known as public key certificate. It is one of the most significant risks to digital certificates and thus this data must be secured with significant measures within this organization.
v) Phishing: It is a kind of fraudulent attempt to obtain the confidential data such as passwords, usernames or any other credentials of network data. There are several malicious reasons for this type of security threat and all these security threats are executed by simply acting as a trustworthy entity for the electronic communications (Bloom et al. 2014). The fraudulent attempt can be easily carried out by instant messages or spoofing. The users are directed for eventually entering their personal and confidential information within the fake website. As the contractor is responsible for maintaining the network of clients, this phishing can be a nefarious attack and hence the integrity or confidentiality of data can be lost easily.
vi) Spyware: The sixth important security risk to IT is spyware. By this specific threat, data or information is gathered about a typical individual or organization without even taking proper consent to access the information from the authorized or authenticated users (Lloyd 2017). Usually, four kinds of spyware are present and these are Trojans, system monitors, adware as well as tracking the cookies. The specific malicious software is being used for tracking and storing the significant movements of users of Internet. This is done by serving the popup advertisements and by sending the suspicious links.
Proposed Solutions to the Identified Risks
The perfect analysis of each and every above mentioned identified risk is done after analyzing the Comodo Certificate Authority Fraud Hack scenario (Schwalbe 2015). The proposed solutions for the identified security risks and threats for maintaining the confidentiality or integrity of information or data are as follows:
i) Solution to DDoS Attack: The solution to the DDoS attack is the specific mitigation technique. A typical tool is present, which is used for resisting and mitigating the total impact of DDoS or distributed denial of service attack within the network, which is attached to the Internet connection by the protection of relay network or target network (Jiao and Onwuegbuzie 2017). Any IT engineer must be utilizing the technique for network security with the significant purpose that data or network security of the company is maintained perfectly.
ii) Solution to Eavesdropping: The solution to the eavesdropping threat is simply by the deployment of encryption technique in the organizational network. It is thus ensured that sensitive information or data is easily authenticated through enabling the authorized users (Watson and Tinsley 2013). The voice traffics or emails must be secured by simply implementing encryption technique. Hence, the unauthorized access of data is easily stopped.
iii) Solution to Ransomware: One of the most efficient solutions to the threat of ransomware is undertaking regular backups. These backups could easily secure the confidential data after the requirements are fulfilled properly. Thus, this security measure is responsible for restoring the data in the most effective manner (Tafti, Mithas and Krishnan 2013). Due to the presence of backup, a distinct copy of the data is preserved. The hacker did not get a chance for demanding a specific ransom within the company. Furthermore, these backups are validated on the periodic basis so that no loophole is present for securing the data.
iv) Solution to Digital Certificate Threat: The fourth security threat to the network security is digital certificate threat and the solution for this is trusted CA or certificate authorities (Ullah and Lai 2013). The pre existing CAs must be eventually removed and thus only those certificate authority should be included that is gained from PKI.
v) Solution to Phishing: The deployment of virtual private network is the easiest solution to phishing (Wagner, Vollmar and Wagner 2014). The LAN connectivity access is restricted by VPN and the most significant VPNs are SonicWall and Fortinet.
vi) Solution to Spyware: There is an antispyware technology must be implemented for stopping the spyware threat. The IT engineer of a company would be easily detecting or even preventing spyware without any type of complexity. Furthermore, the adware and Trojans are stopped by the technology and thus it is the most important solution for spyware.
Conclusion
Therefore, from the above report, it can be concluded that network security comprises of several layers at the edges and even within the networks. Each and every layer of network security eventually implements the controls or policies. The authenticated and authorized users obtain the proper access to the network resources; however the malicious activities could be blocked from simply carrying out the threats or exploits. Each and every company that wishes to deliver several services to customers should protect their network. The several users could either select any typical username as well as password to authenticate the data. This report has described the several network security threats with their significant mitigation plans for this case study.
Recommendations
This particular organization would be facing various important and dangerous security risks of information technology such as DDoS attacks or distributed denial of service attacks, eavesdropping, spyware, computer viruses, phishing, data breaching, spoofing and many others. All of the mentioned network security threats are highly threatening for the respective network; although the risks can be prevented with the help of significant precautions. Following are the few recommendations for the organization.
i) Use of Encryption on WAP: The first and the foremost recommendation for the organization is to utilize encryption for the WAP or wireless access point and hence encryption of WPA2 could be saving the data authenticity and integrity. Furthermore, by taking the wireless network, any type of confidential information is easily gathered.
ii) Hiding the Service Set Identifier: The second suggestion for this particular organization is hiding the service set identifier or SSD. All the wireless routers consist of any obscure ID and hence this information is secured.
iii) Change of Passwords: The next important suggestion for this specific network organization is that passwords must be changed in a fixed period. This type of measure helps to secure any type of sensitive information to a higher extent and hence the total security could be easily enhanced.
References
Bloom, N., Garicano, L., Sadun, R. and Van Reenen, J., 2014. The distinct effects of information technology and communication technology on firm organization. Management Science, 60(12), pp.2859-2885.
Brooks, D.C., 2016. ECAR study of undergraduate students and information technology (Vol. 4, No. 3, p. 2). 2016.
Castronova, A.M., Goodall, J.L. and Ercan, M.B., 2013. Integrated modeling within a hydrologic information system: an OpenMI based approach. Environmental Modelling & Software, 39, pp.263-273.
Dahlstrom, E., Walker, J.D. and Dziuban, C., 2013. ECAR study of undergraduate students and information technology(p. 2013). 2013.
Eason, K.D., 2014. Information technology and organisational change. CRC Press.
Grimes, R. 2018. The real security issue behind the Comodo hack. [online] CSO Online. Available at: https://www.csoonline.com/article/2623707/hacking/the-real-security-issue-behind-the-comodo-hack.html [Accessed 24 Aug. 2018].
Holtshouse, D.K., 2013. Information technology for knowledge management. Springer Science & Business Media.
Jiao, Q.G. and Onwuegbuzie, A.J., 2017. The impact of information technology on library anxiety: The role of computer attitudes. Information technology and libraries, 23(4), pp.138-144.
Laudon, K.C. and Laudon, J.P., 2016. Management information system. Pearson Education India.
Lloyd, I., 2017. Information technology law. Oxford University Press.
Schwalbe, K., 2015. Information technology project management. Cengage Learning.
Tafti, A., Mithas, S. and Krishnan, M.S., 2013. The effect of information technology–enabled flexibility on formation and market value of alliances. Management Science, 59(1), pp.207-225.
Ullah, A. and Lai, R., 2013. A systematic review of business and information technology alignment. ACM Transactions on Management Information Systems (TMIS), 4(1), p.4.
Wagner, D., Vollmar, G. and Wagner, H.T., 2014. The impact of information technology on knowledge creation: An affordance approach to social media. Journal of Enterprise Information Management, 27(1), pp.31-44.
Wagner, H.T., Beimborn, D. and Weitzel, T., 2014. How social capital among information technology and business units drives operational alignment and IT business value. Journal of Management Information Systems, 31(1), pp.241-272.
Watson, D. and Tinsley, D. eds., 2013. Integrating information technology into education. Springer.
Free Membership to World’s Largest Sample Bank
To View this & another 50000+ free samples. Please put
your valid email id.
Yes, alert me for offers and important updates
Submit
Download Sample Now
Earn back the money you have spent on the downloaded sample by uploading a unique assignment/study material/research material you have. After we assess the authenticity of the uploaded content, you will get 100% money back in your wallet within 7 days.
UploadUnique Document
DocumentUnder Evaluation
Get Moneyinto Your Wallet
Total 9 pages
PAY 6 USD TO DOWNLOAD
*The content must not be available online or in our existing Database to qualify as
unique.
Cite This Work
To export a reference to this article please select a referencing stye below:
APA
MLA
Harvard
OSCOLA
Vancouver
My Assignment Help. (2020). Network Communications Security. Retrieved from https://myassignmenthelp.com/free-samples/sit735-network-communications-security/hardware-technologies.html.
“Network Communications Security.” My Assignment Help, 2020, https://myassignmenthelp.com/free-samples/sit735-network-communications-security/hardware-technologies.html.
My Assignment Help (2020) Network Communications Security [Online]. Available from: https://myassignmenthelp.com/free-samples/sit735-network-communications-security/hardware-technologies.html[Accessed 18 December 2021].
My Assignment Help. ‘Network Communications Security’ (My Assignment Help, 2020)
My Assignment Help. Network Communications Security [Internet]. My Assignment Help. 2020 [cited 18 December 2021]. Available from: https://myassignmenthelp.com/free-samples/sit735-network-communications-security/hardware-technologies.html.
×
.close{position: absolute;right: 5px;z-index: 999;opacity: 1;color: #ff8b00;}
×
Thank you for your interest
The respective sample has been mail to your register email id
×
CONGRATS!
$20 Credited
successfully in your wallet.
* $5 to be used on order value more than $50. Valid for
only 1
month.
Account created successfully!
We have sent login details on your registered email.
User:
Password:
MyAssignmenthelp.com offers timely solutions to all your assignment writing needs. Whenever you request for online assignment help, the team of experts at the website studies your requirements and perform the necessary measures to ensure that your requirements are met within the promised deadline. Even though timely delivery of the solution is of priority for the experts, they do not compromise on the quality of the solution, no matter how complex the task may seem.
Latest Management Samples
div#loaddata .card img {max-width: 100%;
}
MPM755 Building Success In Commerce
Download :
0 | Pages :
9
Course Code: MPM755
University: Deakin University
MyAssignmentHelp.com is not sponsored or endorsed by this college or university
Country: Australia
Answers:
Introduction
The process of developing a successful business entity requires a multidimensional analysis of several factors that relate to the internal and external environment in commerce. The areas covered in this current unit are essential in transforming the business perspective regarding the key commerce factors such as ethics, technology, culture, entrepreneurship, leadership, culture, and globalization (Nzelibe, 1996; Barza, 2…
Read
More
SNM660 Evidence Based Practice
Download :
0 | Pages :
8
Course Code: SNM660
University: The University Of Sheffield
MyAssignmentHelp.com is not sponsored or endorsed by this college or university
Country: United Kingdom
Answers:
Critical reflection on the objective, design, methodology and outcome of the research undertaken Assessment-I
Smoking and tobacco addiction is one of the few among the most basic general restorative issues, particularly to developed nations such as the UK. It has been represented that among all risk segments smoking is the fourth driving purpose behind infections and other several ailments like asthma, breathing and problems in the l…
Read
More
Tags:
Australia Maidstone Management Business management with marketing University of New South Wales Masters in Business Administration
BSBHRM513 Manage Workforce Planning
Download :
0 | Pages :
20
Course Code: BSBHRM513
University: Tafe NSW
MyAssignmentHelp.com is not sponsored or endorsed by this college or university
Country: Australia
Answer:
Task 1
1.0 Data on staff turnover and demographics
That includes the staffing information of JKL industries for the fiscal year of 2014-15, it can be said that the company is having problems related to employee turnover. For the role of Senior Manager in Sydney, the organization needs 4 managers; however, one manager is exiting. It will make one empty position which might hurt the decision making process. On the other hand, In Brisba…
Read
More
MKT2031 Issues In Small Business And Entrepreneurship
Download :
0 | Pages :
5
Course Code: MKT2031
University: University Of Northampton
MyAssignmentHelp.com is not sponsored or endorsed by this college or university
Country: United Kingdom
Answer:
Entrepreneurial ventures
Entrepreneurship is the capacity and willingness to develop, manage, and put in order operations of any business venture with an intention to make profits despite the risks that may be involved in such venture. Small and large businesses have a vital role to play in the overall performance of the economy. It is, therefore, necessary to consider the difference between entrepreneurial ventures, individual, and c…
Read
More
Tags:
Turkey Istanbul Management University of Employee Masters in Business Administration
MN506 System Management
Download :
0 | Pages :
7
Course Code: MN506
University: Melbourne Institute Of Technology
MyAssignmentHelp.com is not sponsored or endorsed by this college or university
Country: Australia
Answer:
Introduction
An operating system (OS) is defined as a system software that is installed in the systems for the management of the hardware along with the other software resources. Every computer system and mobile device requires an operating system for functioning and execution of operations. There is a great use of mobile devices such as tablets and Smartphones that has increased. One of the widely used and implemented operating syste…
Read
More
Tags:
Australia Cheltenham Computer Science Litigation and Dispute Management University of New South Wales Information Technology
Next