After completing this assessment, student's should be able to:
- Discuss common threats and attacks on networked information systems
- Identify network threats
- Explain the major methodologies for secure networks and what threats they address
Assignment Description
Part A:
Distributed denial of service (DDoS) attacks present a significant security threat to corporations. In one study, covering a three-week period, investigators observed more than 12,000 attacks against more than 5000 distinct targets, ranging from well-known ecommerce companies such as Amazon and Hotmail to small foreign ISPs and dial-up connections. DDoS attacks make computer systems inaccessible by flooding servers, networks, or even end user systems with useless traffic so that legitimate users can no longer gain access to those resources. In a typical DDoS attack, a large number of compromised hosts are amassed to send useless packets. In recent years, the attack methods and tools have become more sophisticated, effective, and more difficult to trace to the real attackers, while defence technologies have been unable to withstand large-scale attacks. A denial of service (DoS) attack is an attempt to prevent legitimate users of a service from using that service. When this attack comes from a single host or network node, then it is simply referred to as a DoS attack. A more serious threat is posed by a DDoS attack. In a DDoS attack, an attacker is able to recruit a number of hosts throughout the Internet to simultaneously or in a coordinated fashion launch an attack upon the target.
Figure
1) Using the given DDoS attack diagram in Figure 1, identify type of DDoS attack and justify in detail how this attack will affects the Victim's workstation.
2) Discuss atleast two solutions how this attack can be avoided or mitigated.
Part B:
It is important for networking professionals to stay abreast of new security threats and learn how to address them. In this task, you will look at some web resources that can help you find out about vulnerabilities on your network. For this task, you will need a workstation with internet connectivity and a web browser.
1) Connect to the internet and point your browser to the following:
https://technet.microsoft.com/en-us/security/advisories
2) View the entire list of published security advisories. Scroll through and find any two vulnerabilities related to Microsoft product that's familiar to you such as windows, web browsers or Microsoft office. Click the advisory's title and number in the left column to view the entire announcement.
3) Read the description of the problem and how it has been addressed. How was the problem discovered and reported? How could someone exploit this vulnerability? Does the potential vulnerability belong to any of the categories you learned such as DDoS, Brute Force, Phishing etc? What are the potential damages this vulnerability could cause, if exploited?