Project 1 - A Network Intrusion
School: Towson University
Course: 640
Subject: Computer Science
Date: Jan 9, 2024
Type: pptx
Pages: 13
Uploaded by tynitajohnson on coursehero.com
Digital Forensics Technology and Practices:
Project 1 - A Network Intrusion
Tynita Johnson
Project 1 - Introduction
• The purpose of Project 1 is to understand the dangers of misconfigurations made on a website by an administrator.
• Network intrusion is unauthorized activity on a digital network.
• It is important for every organization to be proactive in understanding network intrusion.
MARS Linux System
• The Linux system is Kali Linux, which uses Virtual Network Computing. This system allows remote access from any desktop environment.
MARS Windows System
• The Windows system uses MARS on Windows Server 2019. Since the server is Windows Server 2019, there is a better chance for the technologies to run better than most.
IIS Setup
• IIS hosts the website that was created using your IP address and your name using the FTP file. IIS supports HTTP, HTTPS, FTP, FTPS and NNTP. IIS runs on Windows systems to serve requests for HTML pages or files.
Related Questions
For the Agent Tesla malware, please write a short paragraph based on the given background and website info:
Agent Tesla is a RAT that targets Windows operating systems. It is available for purchase on criminal forums as Malware-as-a-Service (MaaS). It has various capabilities depending on the version purchased, including capturing keystrokes and screenshots, harvesting saved credentials from web browsers, copying clipboard data, exfiltrating victim files, and loading other malware onto the host.
https://www.cisecurity.org/insights/blog/top-10-malware-december-2022
Agent Tesla is an extremely popular spyware Trojan written for the .NET framework that has been observed since 2014 with many iterations since then. It is used to steal sensitive information from a victim’s device such as user credentials, keystrokes, clipboard data, credentials from browsers, and other information. This information can then be traded or used for business intelligence or ransom. Agent Tesla is most commonly…
Separating files of one user from another = is user’s permissions
Making data secure and hard to read by unauthorised users = is Encryption
Detecting malicious files received from the Internet = is Anti-Virus
Blocking unwanted traffic trying to access a network = is Firewall
List the names, purposes and characteristics of a range of security techniques.
You have now talked more about the purpose. However, you still need to talk about the more technical details of each security technique that you have identified (standard and admin accounts, BitLocker encryption, anti-virus, firewall).
Justify the use of a range of security techniques in typical situations.
It may help to consider what would happen without the security mechanisms and go from there.
Data Security is considered a senior Management concern and responsibility. It affects every company’s operation, reputation and ultimately impacts revenue, profits, and a competitive edge. Yet many companies do not implement defenses that could help to prevent and control data breaches. In June 2012 LinkedIn a business social network site was hacked, this data breach was discovered when IT security experts discovered millions of LinkedIn passwords on a Russian underground site. The reason this happened was that the company was using outdated encryption methods and within 2 days, most passwords were cracked. What steps can a business take to keep control of its data security? What security management processes and activities in each process should a business follow to ensure they have an Information Technology Risk management strategy in place?
Exercise 4 - Playing with a sandbox (a computing one of course, not the one you find on a playground!)
Find a sandbox used by a computing system and examine its security settings and/or any existing
restrictions on access control. Think about why such security settings and/or access control policies are
needed and how they are enforced. Search for any published vulnerabilities that can compromise the
security settings.
For the report, describe what sandbox you choose and what you learned about it briefly.
Hint: Examples include mobile apps, Docker containers, virtual machines, virtual servers (e.g., a virtual
server hosted by a web hosting company), and elements in a web page.
Eli Lilly and Company
Threat: Phishing attacks are a significant threat to pharmaceutical companies like Eli Lilly. Cybercriminals may attempt to impersonate the company to steal sensitive research or personal information.
Vulnerability: Employees may inadvertently fall victim to phishing emails, clicking on malicious links or downloading harmful attachments.
Threat Action: Cybercriminals send convincing-looking emails that appear to be from trusted sources, tricking employees into revealing sensitive information.
Vulnerability Mitigation Techniques:
Employee Training: Regular training and awareness programs can educate employees about the dangers of phishing and how to recognize phishing attempts.
Email Filtering: Implement advanced email filtering systems to identify and quarantine phishing emails before they reach employee inboxes.
Multi-Factor Authentication (MFA): Require MFA for accessing sensitive systems and data to prevent unauthorized access.
Cummins Inc.…
Hi, I want to make a video presentation on this topic which should be 5 mins at least, so need help below format:
Discussion: Misadventures of a Nation State Podcast
Discuss Darknet Diaries Episode 10. Why is this a video discussion instead of a written response? It is an important skill to master to be able to present and summarize the key concepts of a complex cybersecurity incident in a short time frame. Remember that unless you are talking to other cybersecurity professionals, probably no one thinks this stuff is as interesting as you do.
Instructions: The main purpose of the video discussion assignments is to get you to dig into the main four cybersecurity frameworks and references we use in the class. Use the context of the specific security incident to explore and explain some aspects of the NIST CSF, the CIS CSCs, ACSC Strategies to Mitigate Cyber Incidents, and the MITRE ATT&CK matrix.
Keep each discussion sub-topic focused and to approximately 1 minute for a TOTAL video…
Joe Green, a system administrator for a large corporation, is installing a new software package on Chuck Dennis’ personal computer. The company has not authorized Joe to read the employees’ e-mail, Web logs, or personal files. However, in the course of installing the software, he accidentally comes across directories containing files with suspicious-looking names. He opens a few files and discovers they contain child pornography. Joe believes possessing such images is unethical for their profession. What should he do?
Acme Corporation licenses a sophisticated software package to many private and government agencies. Kyla is one of Acme's employees who works in the support organization. She mostly provides phone support but also teaches an on-site class from time to time. In fact, she created many of the instructional materials used in these classes. One day Kyla gets a call from Maria, who works for a government agency that uses Acme's software package. Maria offers to pay Kyla Php…
A security policy is a document that provides employees with clear instructions about acceptable use of company confidential information, explains how the company secures data resources and what it expects of the people who work with this information. Most importantly, the policy is designed with enough flexibility to be amended when necessary.
You are working in organization X, and you are supposed to develop an issue-specific security policy
issue is MOBILE COMPUTING
To develop the different sections of your policy, you can refer to SANS Policy Templates
https://www.sans.org/information-security-policy/
Antivirus is a kind of software used to prevent, scan, detect and delete viruses from a computer. Once installed, most antivirus software runs automatically in the background to provide real-time protection against virus attacks. Comprehensive virus protection programs help protect your files and hardware from malware such as worms, Trojan horses and spyware, and may also offer additional protection such as customizable firewalls and website blocking. On same background explain how does an Antivirus system in a computer function.
Virus operation that attaches itself to executables. Why is this executable being reworked, and how can it be done?
Malware can have various behaviors, explain what these items are:
a) Privilege Escalation and how is it accomplished?
b) IAT Hooking and Inline Hooking
c) DLL Load-Order Hijacking
Different from browser-based password managers, standalone password managers are designed to be used without the need for an internet connection. Do you have a suggestion for me? Why?
By using a free software application, list the steps for password cracking an IoT device for vulnerability analysis project. Has to be actual demonstration. No handwritten solution and no image
More Malware! Ugh! For this question select a specific type of malware (Trojans Horses, Viruses, Worms, Ransomware) and identify the following (Do not use examples in the book!): What type it is (name the category of malware (see the parenthesis above). How does it infect a computer? How does it get into the computer (most common ways – not an exhaustive list); what does it do once it is there? Are there any well-known examples of this type of malware? Name at least one. Describe the damage done by it (cost of loss or number of systems affected or hack that occurred). What is the best defense against this type of malware? Explain.
For each exploit, provide the following information in the README.md:
A small writeup indicating the steps you used to recreate
The types / classes of vulnerabilities involved and any related CVE identifiers
Identify affected versions and patches
Links to the source code, where possible
A screen cap
Example Exploits:
CSRF
User Enumeration
Privilege Escalation
Project: Ethical Hacking to identify system vulnerabilities
Practical Part
Live demonstration for the following attacks:
• SmurfDoS attack
Analyze the security mechanisms implemented in operating systems, such as access control lists, user privileges, and intrusion detection.
Project: Ethical Hacking to identify system vulnerabilities
Practical Part
Live demonstration for the following attacks:
• Man in the middle attack: ARP spoofing + web fishing