Question

Management is pleased with the progress that has been made and likes the steps you have taken to set up a secured network environment. During the last status meeting, the following was asked: "Has everything been done that is possible to ensure the security of the environment?" Your response was that you believed it has, but one way to be sure is to conduct a vulnerability assessment and a penetration test.

• Create a PowerPoint presentation of 6–8 slides that includes speaker notes and a references slide. It must cover the following:
  • Describe at least 2 common security threats against wired and wireless devices and typical countermeasures used by corporate security teams.
  • Describe at least 2 identity and access management tools needed to measure and monitor security risks across the enterprise.
  • Explain penetration testing and vulnerability assessments and how they differ.
  • Identify the benefits of using penetration testing and vulnerability assessments relative to threats.
  • Discuss the tools available in the industry (at least 5 different tools should be discussed), and explain how they can be used to mitigate security vulnerabilities.

The presentation must include a title slide, topics of discussion slides, main content slides, and reference slides. The references must use APA structure for organization of reference information. Font and font size are not required to meet APA format.

Answer 1

Here are some Security threats against wireless network :

1) Vulnerability Scanning and Password Cracking: it is one type of process, that hackers use certain tools such as Kismet and InSSider to scan network. After scanning the network, the hackers might proceed to get into the network.

2) Man In the Middle Attack (MITM): In this attack, position the attacker between two hosts in order to hijack connection and injecting traffic.

3) Rogue Access Points (RAP): The purpose of RAP is to hijack the connection of legitimate users is in order to sniff the activities or to steal confidential credentials of the users and later launch further attacks or simply to penetrate the Ethernet.

Some of the solutions for Minimizing Your Wireless Network’s Security Threats:

> Use strong Passwords.

> Encrypt your data with WPA3, which is currently the strongest encryption.

> Protect your SSID by renaming it, changing its default values, and disabling its broadcast to other users.

> Install a host-based firewall.

Here are some Security threats against wired network :

1) Firewall protection

2) BYOD Security threats

3) Employees error

Some of the solutions for improve wired network security:

> Implement VLANs to segregate traffic

> Use 802.1X for authentication

> Use antivirus

Identity and access management tools:

1) OneLogin

2) RSA SEcurID

3) SailPoint

The difference between a vulnerability test and penetration testing:

Vulnerability scan Provide a comprehensive baseline of what vulnerabilities exist and what changed since the last report.

penetration testing Concisely identify what data was compromised.

vulnerability test is ideal for lab environments.

penetration testing is ideal for physical environments and network architecture.

Benefits of using penetration testing and vulnerability assessments relative to threats.

​​​​​​Validates the effectiveness of current security safeguards

Protects the integrity of assets in case of existing malicious code hidden in any of them

Quantifies the risk to the internal systems and confidential information

Tools for mitigate security vulnerabilities.

1) Nmap (Network Mapper): It is open source network tool. By running Nmap, you can discover which ports are visible on a machine and the services running on them.

2) Nessus: The Nessus Project aimed to provide a remote security scanner that was free, powerful, up-to-date and easy to use.

3) Benchmark Tools: The free Benchmark and Scoring Tool from the Center for Internet Security (CIS) provides a quick and easy way to evaluate your systems and compare their level of security against the CIS minimum due care security Benchmark.

4) OpenSSH: SSH can encrypt passwords and network traffic between Web and database servers, thus preventing eavesdropping, IP spoofing, IP source routing, DNS spoofing and other network-level attacks.

5) Microsoft Baseline Security Analyzer & Windows Server Update Services: MBSA detects common security misconfigurations and missing security updates on Windows-based computer systems and Office applications

Happy to help. :)