Question


The SOC has noticed an unusual volume of traffic coming from an open Wi-Fi guest network that appears correlated with a border network slowdown. The network team is unable to capture traffic, but logs from network services are available.

  • No users have authenticated recently through the guest network's captive portal

  • DDoS mitigation systems are not alerting

  • DNS resolver logs show some very long domain names

Which of the following is the best step for a security analyst to take next?

  1. Block all outbound traffic from the guest network at the border firewall

  2. Verify the passphrase on the guest network has not been changed

  3. Search antivirus logs for evidence of a compromised company device

  4. Review access point logs to identify potential zombie services

Solutions

Expert Solution

According to wireless security, you can do the following mitigations:

1. Intelligent wireless controller use - For the management and provisioning of multiple devices and access points, intelligent wireless routers or controllers are very important. All the access points throughout the network will be managed and controlled by a centralized Wi-Fi controller, which will act as a master channel. It will help mitigate man-in-the-middle and rogue-based attacks. Some wireless controllers have automated security layers which can defend against all types of attacks, like DDoS and MITM.

2. Use WPA2 Encryption/Authentication - It is very important to use encryption which is not easy to crack even with higher-level devices. The stronger the encryption, the lower the chance of network-based hacking. For a guest network, use WPA2 encryption with web-based auth to secure the whole network by acquiring user's information.

3. Use of AAA system to record users' activities - When one uses WPA2 authentication, the router sends encrypted information to the centralized Authentication, Authorization and Accounting (AAA) server. A RADIUS server is an example of an AAA system.

4. Segregating Guest Network - Proper segregation of both the wired and wireless networks is very important, so that one can separate VLANs and guest traffic.
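
The question's third observation, very long names in the DNS resolver logs, can be quantified per client from those logs alone when no packet capture is available. The following is an added example, not part of the original question or solution; the log format, sample lines, function names and thresholds are all assumptions constructed for illustration:

```python
import math
import re
from collections import Counter, defaultdict

# Constructed resolver log lines in a hypothetical format: time, client, type, name.
SAMPLE_LOG = """\
2024-05-01T10:00:01Z client=10.20.0.15 type=A name=www.example.com
2024-05-01T10:00:02Z client=10.20.0.77 type=TXT name=mzxw6ytboi2gk3tdmvzxgzlsmvzxi2lpnzqw4zdfon2gs3th.a1.t.example.net
2024-05-01T10:00:03Z client=10.20.0.77 type=TXT name=nbswy3dpeb3w64tmmqqho2lunbqxezlomruw4zzanfxgg2lo.a2.t.example.net
2024-05-01T10:00:04Z client=10.20.0.15 type=AAAA name=cdn.example.org
2024-05-01T10:00:05Z client=10.20.0.77 type=TXT name=orugs4zanfzsaylomvxgiidpmyqhi2dfebzwk3lqnrswi33o.a3.t.example.net
malformed line without fields
"""
LINE_RE = re.compile(r"^\S+ client=(\S+) type=\S+ name=(\S+)$")

def label_entropy(label):
    """Shannon entropy (bits per character) of one DNS label."""
    n = len(label)
    return -sum(c / n * math.log2(c / n) for c in Counter(label).values())

def triage(log_text, max_name=52, max_label=30):
    """Per-client counts of long query names; also returns the number of unparsed lines."""
    clients = defaultdict(lambda: {"total": 0, "long": 0, "parents": set(), "max_entropy": 0.0})
    skipped = 0
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            skipped += 1  # count unparsed lines instead of dropping them silently
            continue
        client, name = m.groups()
        labels = name.rstrip(".").lower().split(".")
        longest = max(labels, key=len)
        rec = clients[client]
        rec["total"] += 1
        if len(name) > max_name or len(longest) > max_label:
            rec["long"] += 1
            # Naive parent domain (last two labels); suffixes like co.uk need a public-suffix list.
            rec["parents"].add(".".join(labels[-2:]))
            rec["max_entropy"] = max(rec["max_entropy"], label_entropy(longest))
    return dict(clients), skipped

def suspects(clients, min_long=3, min_ratio=0.5):
    """Clients whose queries are mostly long names, sorted for stable reporting."""
    return sorted(c for c, r in clients.items()
                  if r["long"] >= min_long and r["long"] / r["total"] >= min_ratio)
```

A client that sends many long, high-entropy names under a single parent domain is the one to correlate with DHCP and access point logs.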

