Nt1330 Unit 3 Assignment 1 Threat Analysis

There are many reasons why I would like to be a staff, while I have played some days I see no Staff on the server, And there are people who spam chat with servers or people will abuse features or hack and scam as i as a regular player on the Cyclone Network cannot do anything about these problems/players. I really love this server and love the people on it, and I want everyone to have the experience I have had playing on the Cyclone Network server I don't want the server to be full of hackers, scammers, and abusers. If you ask most people who know me they will most likely say I am nice and caring, because

Laptop’s Physical Security- Physical locks are the best means to prevent your laptop from being stolen. All laptops should be set to require a password to log on to the computer. Use a screen guard. These guards help prevent people from peeking over your shoulder as you work on sensitive information in a public place. Never leave access numbers or passwords in your carrying case. Configure your screen saver to require a password. Purchase CompuTrace for your computer. If your computer is stolen, CompuTrace will alert the proper authorities to find and retrieve your computer. Never leave your laptop unattended, even for a moment.

Four security threats that can impact a web server are active wiretapping, phishing expeditions, masquerading and a delay attack. Active wiretapping is when an unauthorized party changes a message stream of information. An example of this would be a deposit that was done online and the amount of the deposit is altered. Phishing expeditions are when a bogus email is sent to someone and they are asked to enter password, username and even credit card information, which would be used fraudulently. Masquerading is when a fake version of a website is sent to a recipient. A delay attack is when the speed of accessing website is slowed down considerably or even to the point where it is inaccessible. I would consider active wiretapping the most important because this could cause altered banking transactions, and this would happen after you made the transaction, without your knowledge. Also, the transaction could leave you without any money left in your bank accounts. The next important threat would be a phishing expedition. This is because there are those that wouldn’t pick up any differences in the webpage and would give their confidential information out. As with wiretapping, this can also cause monetary loss for the victim and the need for you to change your banking information. Masquerading would be the next important because the victim could have online orders changed, as well as the address the order was to be delivered to. Lastly, a delay attach would seem the least

We have been tasked to establish the communication standards for the new cooperate website, there are many areas we need to take to inconsideration for establishing these standards.

The most effective way to protect your personal information on the internet is to have a strong password. A strong password should consist of a mixture of upper and lower case letters, numbers, and special characters. Ideally you want a unique password made up of at least ten characters for every website you have an account on.

The Shellshock bug in GNU Bash also known as CVE-2014-6271 is an exploit where an attacker can execute arbitrary commands to a victims system. These commands can perform remote code execution on vulnerable machines. The vulnerability is present in Bash version 4.3 and under. The bug was has been in the wild for about 20 years and it was discovered by Stephane Chazelas. One of the exploits CVE-2014-6271 causes is remote code execution via CGI scripting. Common Gateway Scripting is a common method used to generate dynamic content on Web pages and Web applications.

What are your past experiences of being a staff member: I've been Helper, Mod , Admin and even Owner on different servers in the timeline of 3 years. And mostly on Faction servers. Not on hcf yet, but you need to start somewhere :D

For the creation of the first database HandsOnOne in a new Query Editor window, first, I went to the SQL Server Management Studio in the program menu and make sure to connect to the named instance SQLSERVERHOA. After the successful connection to the named instance, I went to the Object Explorer and right clicked on the database and select New Database. I typed the new Database name HandsOnOne and made the update in Autogrowth and initial size column as Data file initial size: 40 MB, Log file initial size: 15 MB, Autogrowth enabled with 15 MB in file growth, and Unlimited maximum file size as shown above in screen shot # 1.

Security questions will be a great help also to ensure your account. This is a security question secret password that will help you recover your account if it is hacked by the intruder. Make sure you select a unique questions and answer it in a perplexing way. If the questions are too simple, intruder can guess it effortlessly by just searching your details in your social media accounts.

The penetration tools provided in this document allow us to review our network from a security standpoint. This paper focused predominantly on phase two of a penetration test, the exploitation phase; however, a successful penetration test typically starts with the reconnaissance phase. In this phase, the tester attempts to gain as much information about the target company and its network as possible. He or she will test the physical infrastructure (how do people gain access to the building?) and other organizational aspects of the company to find a weakness and a way to get in. Also during this portion of the test, the penetration tester will use tools such as NMAP, whois.com, and other resources to obtain information regarding the network

2. Active Attack: Active attacks are those attacks where the attacker takes malicious action in addition to passively listening to ongoing traffic e.g. attacker might choose to modify packets, inject packets or even disrupt network service. The misbehaving node has to bear some energy costs in order to perform some harmful operation like changing the data. Active attacks cause damage and are malicious which often threaten integrity, availability of the network. These type of attacks can be internal or external [7].

We should perform Attack and Penetration tests to identify vulnerabilities in our network which can be accessed by hackers. Attackers sniffing on the network look for weak points in the network, thus knowing the weak points using internal and external attack and penetration tests will make our network more secure.

IT projects can be many times a daunting task to both the contracted IT Company and the clients. With some short deadlines, there is usually a small window of opportunity to present skills and produce positive results. As a network administrator, the pressure to deliver top notch and a robust system is a priority. U.S. industry Inc is just a young company that has both the quality and skills and knowledge to produce excellent work considering previous contracts that have been undertaken by the company. The US government department aims to expand its network infrastructure to enlarge the capacity and enable it provide quality services.

What potential security problems do you see in the increasing use of intranets and extranets in business? What might be done to solve such problems? Give several examples.

Users: This can include social engineering threats, misconfiguration of equipment, and inside threats where employees steal or leak information intentionally.