Network Security and Vulnerability Threat Table

Network Security and Vulnerability flagellum TableLAN SecurityIs the local study earnings that devil control apply the private VLANs and its a networking device in spite of appearance a small geographical bea. They are non safe and secure compared to former(a) networks because its easy to admission fee the WLAN earnest compared to others its more of convenience everywhere protective cover therefrom it get out everywherehaul business and IT organizations to improve on their network by providing suitable choices for WLAN tribute for organizations to redeem a safe WLAN in their working place they must(prenominal) get procedures that outlines forms of double connections that are allowed in the work place for warranter purposes, excessively to consider security and its impacts to other networks for eccentric theWLAN ,to gestate knob devices and APs, likewise to fare fervency and vulnerability monitoring respectively to support this type of network and lastly to carry out a regular assessment active WLAN security in the organization.The wireless system stand bys devices to connect to the estimator minus them being connected to the network,WLAN consists of invitee devices for examples the laptops and the glide path points(APs),the APs connect client devices with distributing system(DS) and DS its the precisely way by which client devices finish devour in pution or communicate with LAN and other networks. Also we have wireless switches that help the WLAN is administrators to manage it.WLAN ArchitectureIt has the chase comp integritynts including the client devices,APs and the wireless switches, this spokesperson tries to show the importance of having a prototype chemical mechanism of security thereof providing recommendations for implementing, evaluating and maintaining those configurations of the client devices.The architecture of an organization should be standard when it comes to the issues of security configurations becau se it provides a base for security thus decrease the vulnerabilities and consequences of attacks that might be successful, it will improve the consistency and predictability of security. The side by side(p) makes up WLAN architecture roaming, microcells, infrascture, and independent. breakaway WLAN is the simplest unrivaled which consists a conference of figurers that are equipped with client adapter and nark points are not necessary in this case. al-Qaeda WLAN consists of wireless stations and access points combined with DS that help roaming and mediating wireless network traffic.Microcells and roaming a microcell is an area callage for an AP,they help drug substance ab drug substance abusers to front between access points without having to log in once more and restarting the industriousnesss again, for roaming to work, access points must have a way of exchanging information as a user connectThreats of WLANThe following explains the security threats of WLAN that are likely to happen eavesdropping, spoofing and defense team of serviceA) EavesdroppingInvolves attack against the confidentiality of info that is transmitted across the network, eavesdropping is a big threat because the aggressor chiffonier intercept the transmission over air from a blank space that is away from the organizationB) SpoofingIt is where the attacker could gain access to info and resources in the network by assuming the identity of a valid user this is because some networks do not manifest the source address thus the attackers whitethorn spoof MAC addresses and hijack sessions.C) Denial of serviceThis is where the trespasser floods the network with either genuine or fake information alter the availability of the network resources, WLAN are very vulnerable against denial service attacks due to the nature of the radio transmission.LAN SecurityIs a wireless networking device within a small locality that access control using the private VLANs.Identity focussingIs the system stipulate whereby the right people access the right and valid information at the right moments and for good particular reasons.Physical securityIts the protection of the hardware, software product, networks, and information from actions that could cause loss or damage to an organization for instance theft. personalized securityAvailabilityIs the quality or state of information or info of being available and easily accessed.PrivacyIs the state of a person to seclude himself or herself, or information about him or her, so its the procreation of information or confidentiality of entropy.Cyberattactks in tabular formatType of attackEffectMalwareIts a computing device code that a malicious function, apply to destroy or steal private data in a computer.Password attacksThey attack on snatch a person or user is password so that the attacker may obtain access to a secured system.Denial of serviceFocuses on the col of a network service when an attacker sends volumes of traffic to th e network that is targeted.The following will be employed to mitigate the above types of attacks on the computerThreat intelligence reports, are documents that describe types of system and information that is on mission or the one being targeted and information important to the organization.We have security alerts that are notifications about the current vulnerabilities and some security concerns. implement configuration is the recommendations for mechanisms that support the exchange, analyzing, and the use of threat information.Indicators can also be utilize, they suggest or tell that an attack is imminent or its afoot(predicate) for instance we have the IP.Plan of protectionsopenStego-its a put down steganography that has the following functions info hiding where it can hide data within a cover file watermarking files with an invisible scratchature.Quickstego -helps someone to hide text in pictures so that its only users of quickstego who can be able to imagine and go through those messages.Oursecret -enables the user to hide text files for instance images and videos thus suitable for direct confidential information.Veracrypt -it adds enhanced security to the algorithmic curriculums used for system and partions encoding making it immune to new developments in brite-force attacks.Axcrypt -it integrates seamlessly with windows to compress, encrypt, trace, store, send, and work with individual files.GPG-it enables to encrypt and sign data, parley, as well as access modules for all public directories. cryptological mechanisms to organizationCryptographic is indite is in secret code within the context of any application and these are the requirements for itAuthentication, privacy, intergrity, and non-repudiationThey includeschannel CNG provider model,ECC exercise suites,AES account suites and the default image suite preference. so the basic mechanism is to covert data into cipher text form and then again into the decipherable when it gets into the user. encoding and decoding is the main mechanism which works and ensures free flow of data within the system.BenefitsThe use of using public unwraps enables individuals to switch data into the encrypted form. utilize to hide crucial important and vital information.Helps in preventing leakage of vital data from a networkHelps in the trademark of users over the transfer or flow of data in electronic way.Risks associated with these are that they make the problem of general learn recovery hard-fought and expensive and too insecure and expensive for many applications and users as lifesize. institutionalize encryption nebsVeracrypt, axcyrpt, Bitlocker, GNU Privacy Guard and 7-zipFile encryption orderWe have the following methods exceptions, syntax, remarks and securityResults of the encryption filesThey provide an overview and pointers to resources on EFSThey also point to the implementation strategies and best practicesEncryption technologiesShift/Caesar cipher-its a tool that uses the switching of a letter by another one throw out in the alphabet.Polyalphabetic cipher-is a cipher that is establish on substitution using the multiple substitution alphabets.Perfect cipher-these are ciphers that can never be broken even with after an unlimited time.Block ciphers-is an algorithm deterministic that operates on meliorate-length groups of bits.Triple diethylstilboestrol-is a symmetric- key out block cipher that applies the DES algorithm three times to the data bits in the system.RSA-is a public-key in the cryptosystems and is used for the transmission of secure data.Advanced encryption standard-its a cipher based on the substitution-permutation network and works fast in both the hardware and software.Symmetric encryption-these are the algorithms that uses the akin cryptographic keys for both encryption and decryption of the cipher text.Text block coding-are the family of error-correcting codes that do encode data in bits.Information hiding and steganography -is the process of concealing a file, video, image or file.digital watermarking-is the practice of hiding digital information in a flattop signal in the system.Masks and filtering-masks show which of the part of the message is displayed. explanationsecurity architecture of the organizationIt has the following components including the client devices,APs and the wireless switches, this part tries to show the importance of having a standard mechanism of security thus providing recommendations for implementing, evaluating and maintaining those configurations of the client devices.The architecture of an organization should be standard when it comes to the issues of security configurations because it provides a base for security thus reducing the vulnerabilities and consequences of attacks that might be successful, it will improve the consistency and predictability of security. The following makes up WLAN architecture roaming, microcells, infrascture and independent. Independent WLAN is t he simplest one which consists a group of computers that are equipped with client adapter and access points are not necessary in this case.Infrastructure WLAN consists of wireless stations and access points combined with DS that help roaming and mediating wireless network traffic.Microcells and roaming a microcell is an area coverage for an AP,they help users to move between access points without having to log in again and restarting the applications again, for roaming to work, access points must have a way of exchanging information as a user connect.the cryptographic means of protecting the assets of the organizationCryptographic is writing is writing in secret code within the context of any application and these are the requirements for itAuthentication,privacy,intergrity and non-repudiationThey include schannel CNG provider model, ECC cipher suites, AES cipher suites and the default cipher suite preference. so the basic mechanism is to covert data into cipher text form and then a gain into the decipherable when it gets into the user. Encryption and decryption is the main mechanism which works and ensures free flow of data within the system.BenefitsThe use of using public keys enables individuals to convert data into the encrypted form.Used to hide crucial. important and vital information.Helps in preventing leakage of vital data from a networkHelps in the authentication of users over the transfer or flow of data in electronic way.the types of known attacks against those types of protectionsPassword attacks-its a third party who tries to get access of information by cracking the password.Malware-codes with malicious intent to steal data or destruction of the computer system.DOS attacks-it majors on or targeting disruption of the network and can be prevented by keeping the system secure.Strong passwords are the only way against this attack.Malware should be avoided by doing away with links to unknown users.How to cellblock off the attacksMalware-avoid clicking and downloading attachments from unknown users.Phishing-through verification of any requests from organization via email over the business phone.Passwords attacks-use of strong passwordsDOS attacks-the system of the organization to be kept secure with software updates.Encryption Technologies Data Hiding TechnologiesandShift/Caesar cipher-its a tool that uses the substitution of a letter by another one further in the alphabet.Polyalphabetic cipher-is a cipher that is based on substitution using the multiple substitution alphabets.Perfect cipher-these are ciphers that can never be broken even with after an unlimited time.Block ciphers-is an algorithm deterministic that operates on fixed-length groups of bits.Triple DES-is a symmetric-key block cipher that applies the DES algorithm three times to the data bits in the system.RSA-is a public-key in the cryptosystems and is used for the transmission of secure data.Advanced encryption standard-its a cipher based on the substitution-permu tation network and works fast in both the hardware and software.Symmetric encryption-these are the algorithms that uses the same cryptographic keys for both encryption and decryption of the cipher text.Text blocks coding-are the family of error-correcting codes that do encode data in bits.Information hiding and steganography-is the process of concealing a file, video, image, or file.Digital watermarking-is the practice of hiding digital information in a carrier signal in the system.Masks and filtering-masks show which of the part of the message is displayed.Network security vulnerability and threat table aboveCommon Access fluff Deployment StrategyHow identity management can be part of security program and CAC positionment planIdentity management involves telling what the user can do to certain(prenominal) devices at a given time. Identity management can be part of the program because of its reasons well known for instance increasing security, also production while decreasing the cost and effort.The program tools of identity management take up to run as application towards a server because it defines the type of user and devices allowed to work on a certain network this for it to be part of the program, must depend on alerts, reports, insurance definition and alarmsThus offering directory integration and connection of the wireless and non wireless users and meeting almost the operational and security requirements.Deployment plan of the common access controlCan come for different reasons so as to deploy and enforce the authorization indemnity for instanceThe organization -wide authorization policy that is driven from compliance level of organizational requirement.also departmental authorization policy where they have some special data handling the requirements that would be passed to heterogeneous department. Then the specific data management relating to compliance and targeting at the protection of the right access of information.Email Security Strategy Types of public-private key matrimonyPublic keys may be disseminated widely but private are only known to user owner. This makes two functions-the authentication when public key is used to verify or show a private user sent a message and encryption where the holder of the private key can decrypt the message.Authentication-is when the public key is used to verify that a holder of the paired private key sent the message.Non-repudiation-its an attribute of communication that seeks to prevent the occurrence of the untrue or false denial of function by either party because it provides the originator of data with credible induction showing information was received as it was addressed.Hashing -its used to index and retrieve items in database because it is faster to find an item through the use of shorter hashed key thus hashing being the transformation of a string of characters into a shorter fixed length than the original size.This added security benefit will ensure integrity of messag ing bySpeeding being high this is when the number of entries is large because maximum number of entries can be predicted in advance so that the bucket array can be allocated once also one may reduce the average lookup cost by a careful choice of the hash function and even the internal data of structures.Pretty Good Policy-its a program that is used to encrypt and decrypt email over the internet as well as to authenticate digital messages with signatures the stored files that are already encrypted.GNU privacy Guard-its an encryption software program since it uses the combination of conventional symmetric-key cryptography for speed.Public key stem -its a cryptography key that enables the distribution and the identification of the public encryption keys thus enabling the devices to exchange data securely over respective(a) networks.Digital signature -its an electronic signature that can be used to authenticate the identity of the person sending the message.Mobile device encryption-th ey help mitigate security jeopardys whereby data must be encrypted while it is in transit and when in storage.How to use smart table readers tied to computer systemsSmartcard are the credit-sized tractile cards that do contain the circuit card that are combine they can be deployed together with readers to provide user authentication and the non-repudiation for wider pasture of security purposes.A single smart card can be issued to each network user so as to provide a single set of credentials for logging to extraneous networks.Complexibility of cost and technical foul of email encryption strategic to security benefitsThe following elements must be consideredThe basics because encryption is a process that is based on the cipher that makes or ensures information is hidden.Aslo choosing what to encrypt because it will be part of the risk management and the planning process of data governance. The three states of data in order for data to be secure from data in exploit to data at rest and last data in use. recommendationSmart card can be deployed together with readers to provide user authentication and the non-repudiation for wider range of security purposes.A single smart card can be issued to each network user so as to provide a single set of credentials for logging to remote networksA deployment plan its a step to step on what need to happen in the last stage in the email security strategy, for a deployment plan to be effective the following must be put into considerationLayered application that deals with the design management dependencies between components also the people who structure application layers should not be same again to structure the hardware infrastructure.Reference Atul.kahate, cryptography, and Network security Tata mc Graw.Hill Publishing Company Limited, 2003E .kranakis primarily and cryptography, Wiley, 1986