Introduction
Black hat hackers have always set out to exploit any vulnerabilities they find. Once they find a big target, the chance that they will concentrate on attacking it is high. Most organizations that use networks would be foolish to always feel comfortable with their existing network security features. Networks have many points through which hackers can intrude and tamper with firewalls as well as intrusion detection systems. It is important that an organization’s management identifies the possible risks. The risks are identified by first analyzing the specific malicious attacks that have the potential of being carried out against the organization’s network (Murphy, 2015). The impact of each attack should also be assessed. In addition, the organization should recognize that there are security controls that can be implemented to protect it from the discussed attacks. It is also important to analyze the potential concerns about data theft and loss. Finally, it is important to implement all the recommended security controls so that the organization is protected against any potential attack that could lead to the loss and theft of the organization’s data.
Analyze three (3) specific potential malicious attacks and/or threats that could be carried out against the network and organization.
One of the attacks against the network could target the firewall. Firewall attacks are carried out through media access control (MAC) address spoofing. Media access control addresses are similar to device identifiers in any given network (Murphy, 2015). Hackers spoof media access control addresses in order to steal the bandwidth in a given network or corrupt it altogether. Media access control address spoofing is also used by hackers to link IP addresses to the media access control address that they use, or as a way of conducting future attacks on the same organization.
The other attack on the network of the organization could be performed at the application layer. Attacks at the application layer are used as a means of disrupting the normal operations of an OS in the system that has been targeted and all its applications. As such, the attacker accesses the system at will and is able to execute future attacks (Murphy, 2015).
Finally, the wireless access point could also be a target of attack. For instance, a Denial of Service (DoS) attack prevents a user from accessing network resources. Denial of Service attacks are conducted by introducing a flood of faulty packets into the network with the aim of restricting any legitimate traffic, resulting in an unresponsive system. The legitimate traffic is simply blocked by the sheer volume of faulty requests sent to the network.
Explain in detail the potential impact of the three (3) selected malicious attacks.
Media access control address spoofing could result in the attacker gaining access to a lot of information that could aid them in performing more attacks. For example, access to the organization’s IP address on the network could result in data theft, where the data meant for the victim is channeled to the attacker. An attacker could also use an address resolution protocol (ARP) spoofing attack, in which they send spoofed ARP messages linking the user’s IP address to the attacker’s media access control address (Guo, Liao, Liu, & Zhu, 2016).
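The ARP spoofing described above leaves a visible trace: an IP address that suddenly maps to a different MAC address, or one MAC address that answers for several IP addresses. The following detection check is an added example, not part of the original essay; the function names, alert labels, and sample ARP replies are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample (not from the essay): (seconds, sender IP, sender MAC)
# as seen in ARP replies. Addresses use documentation ranges.
SAMPLE_ARP_REPLIES = [
    (0, "192.0.2.1", "00:00:5e:00:53:01"),    # gateway
    (1, "192.0.2.10", "00:00:5e:00:53:10"),   # workstation
    (2, "192.0.2.20", "00:00:5e:00:53:20"),
    (30, "192.0.2.1", "00:00:5e:00:53:01"),   # unchanged binding, no alert
    (61, "192.0.2.1", "00:00:5e:00:53:66"),   # gateway IP claimed by a new MAC
    (62, "192.0.2.10", "00:00:5e:00:53:66"),  # same MAC also claims the workstation
    (63, "192.0.2.1", "00:00:5e:00:53:01"),   # real gateway answers again (flapping)
]

def normalize_mac(mac):
    """Lower-case and use ':' separators so equal MACs compare equal."""
    return mac.strip().lower().replace("-", ":")

def detect_arp_spoofing(replies, trusted=None):
    """Return (time, kind, ip, mac) alerts for suspicious IP-to-MAC bindings.

    trusted: optional {ip: mac} of statically known bindings (e.g. the gateway).
    """
    trusted = {ip: normalize_mac(m) for ip, m in (trusted or {}).items()}
    last_mac = {}                   # most recent MAC seen for each IP
    ips_by_mac = defaultdict(set)   # every IP each MAC has claimed
    alerts = []
    for ts, ip, mac in sorted(replies):
        mac = normalize_mac(mac)
        if ip in trusted:
            if mac != trusted[ip]:
                alerts.append((ts, "trusted_binding_violation", ip, mac))
        elif ip in last_mac and last_mac[ip] != mac:
            # Can also be a legitimate DHCP reassignment or NIC swap: triage it.
            alerts.append((ts, "binding_changed", ip, mac))
        last_mac[ip] = mac
        if ip not in ips_by_mac[mac]:
            ips_by_mac[mac].add(ip)
            if len(ips_by_mac[mac]) > 1:
                alerts.append((ts, "mac_claims_multiple_ips", ip, mac))
    return alerts

if __name__ == "__main__":
    gateway = {"192.0.2.1": "00:00:5e:00:53:01"}
    for alert in detect_arp_spoofing(SAMPLE_ARP_REPLIES, gateway):
        print(alert)
```

Devices that legitimately answer ARP for several addresses (routers, proxy ARP, load balancers) will trigger the multiple-IP alert and should be listed as known exceptions before the check is used for alerting.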
The attack on the application layer not only disrupts normal functioning, but also interferes with the applications, system settings, access controls, and the network, thereby allowing viruses and other malware to modify, delete, and add data by introducing other problematic software.
In DoS attacks, potential attackers who are unable to access the wireless local area network jam the wireless network with static noise, resulting in collisions of wireless signals and subsequent CRC errors. Such Denial of Service attacks lead to a complete shutdown of the affected wireless networks or, at times, severely slow them down. However, not all network slowdowns are the result of attackers (Guo et al., 2016).
Propose the security controls that you would consider implementing in order to protect against the selected potential malicious attacks.
The application layer could be protected using the application security manager called the F5 BIG-IP. It provides application layer protection by analyzing the interaction of the user and the application firewall. It is always automatically configured. It is capable of packet inspection and behavior analysis to protect against malicious requests and activities (Guo et al., 2016).
Finally, to protect against Denial of Service attacks, one could consult a cloud mitigation provider that mitigates attacks on the network from the cloud. Such providers build a huge amount of bandwidth for the network and enable the network to handle any amount of traffic. Alternatively, one could buy on-premises equipment that sits in the data center of the network in front of the normal servers.
Analyze three (3) potential concerns for data loss and data theft that may exist in the documented network.
There is a need to protect company data from loss and theft for several reasons. First, when data from an organization is lost or stolen, the organization is not sure where the data is being stored or who is accessing it. Secondly, organizations are required to comply with regulations to protect and safeguard all sensitive information (Lammle, 2015). Finally, the organization would like to gain a competitive advantage over other organizations in both reputation and brand.
Explicate the potential impact of the three (3) selected concerns for data loss and data theft.
When the data is lost and in the hands of unknown persons, the company employees will feel unsafe and exposed. The information can be used against them unexpectedly, and thus the blame would fall on the organization’s management. The organization can also crumble when the information is placed in the hands of its competitors by the attackers (Lammle, 2015). Since the government has set regulations requiring all companies to protect their data and that of their employees, loss of data would be detected during audits and would result in fines and cancellation of licenses. Finally, when the data of the company is exposed, the company loses its reputation. The employees resign and the clientele base shifts to a more responsible and reliable company. As a result, the competitors have an easy win over the organization in question.
Propose the security controls that you would consider implementing in order to protect against the selected concerns for data loss and data theft.
Protection of the data to prevent the three concerns raised above could be achieved by use of Data Loss Protection (DLP) technology. The technology identifies, protects, and monitors all the data that is in use, in storage, and in transit. It is a technology that enforces all the security policies associated with data. The DLP technology provides the security and IT staff with a 360-degree view of their data, its location, and flow (Lammle, 2015). As such, the data will be identified wherever it is and also when it is being used. To ensure that the company does not suffer losses as a result of non-compliance penalties and breaches of the law, the company should adopt DLP that introduces controls that ensure the safety of confidential information even across unsecure lines. DLP monitors the data where it lives, in transit, and where it is used. As such, the risk of data loss is significantly reduced. To protect the company’s reputation by preventing data loss, DLP ensures that the valuable trade secrets and other important information of the company are kept safe. As such, no negative publicity follows the company due to data breaches. The customers are also not lost since they perceive the organization as cautious and responsible.
References
Guo, S., Liao, X., Liu, F., & Zhu, Y. (Eds.). (2016). Collaborative Computing: Networking, Applications, and Worksharing: 11th International Conference, CollaborateCom 2015, Wuhan, November 10-11, 2015, China. Proceedings. AG, Switzerland: Springer.
Lammle, T. (2015). CompTIA Network+ Study Guide, (Exam: N10-006) (3rd ed.). Indianapolis, Indiana: John Wiley & Sons.
Murphy, G. B. (2015). SSCP Systems Security Certified Practitioner Study Guide. Indianapolis, Indiana: John Wiley & Sons.