Running head: COMPUTER SECURITY
IT Management
Student’s Name
Institutional Affiliation
Date
Task 1: [50 Marks]
In this task, identify and discuss the different types of threat to which your network is
exposed. Your report should contain threats that can attack only computer
networks.
• Denial-of-Service (DoS) attack- A DoS attack on a computer network occurs
when a device or network is prevented from functioning and cannot be accessed by its
users. It happens when the system is compromised by a third party that sends
high-volume traffic to the device, flooding it so that it stops working.
• Distributed denial of service (DDoS) attack- This attack is similar to a DoS
attack in that services on the network are made inaccessible by sending traffic
(Peterson, 2007). In a DDoS attack, however, the traffic is generated by a group of
devices, which creates an indirect path that makes the attack hard to trace.
• Malicious software (malware)- This is any program or software created to
damage or disrupt a computer network. It includes viruses, spam, Trojans,
spyware, rootkits, and worms.
1. Viruses- A virus is any malicious program created to spread itself through a network,
infiltrate files, and corrupt data.
2. Worm- A worm is a program intended to take advantage of security
failures and replicate itself without a host. It harms the computer network by
consuming its bandwidth.
3. Spyware- Spyware often comes with downloaded software and is made to monitor
and record information about users without their knowledge.
4. Trojan- A Trojan is a malicious program that does not appear to be a threat but,
once installed, can spread other malware such as viruses and worms.
5. Rootkit- A rootkit is programmed to be invisible, can obtain administrator access
through the installation of additional software, and is hard to remove once installed.
It gives other malware and unauthorized users access to the system (Hutchins, 2011).
• Phishing- This is a social engineering attack usually associated with
email or instant messaging. It reaches a system through email alerts that appear
genuine and then attempts to get the user to provide information such as PINs,
usernames, and credit card information.
• Eavesdropping- This refers to the secret and unauthorized monitoring of
communications belonging to other people or organizations. It involves tapping
small packets from networks and checking their data content for information. This
attack does not require any encryption service, which makes it so effective.
• Data breaches- A data breach occurs when information belonging to a
user on a network is stolen, accessed, or used by an unidentified person who is not
authorized to access the data. This is often caused by hacking into the network.
• Weak access control- This means that the system's ability to govern what
authorized users can access is compromised, and authentication, accounting, and
authorization security are damaged. An attacker may view, change, or delete content
or take over the administration.
• Privilege abuse- This is a deliberate threat to the network by people granted access
to the resources of an organization. They can alter data to satisfy their needs or
damage the organization.
• Software vulnerabilities- A user may fail to update the security of a system,
posing a threat to the network. Outdated software could slow down the entire network,
causing the site to crash.
• Employees- Employees can pose a threat to network security when they lack
the education needed to protect the company's network system.
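The DoS and DDoS entries above differ in where the traffic comes from: a single sender versus a group of devices. The following added example (not part of the original report) classifies a one-second traffic window accordingly and shows what a per-source limit lets through in each case. The traffic samples, both thresholds, and all function names are assumptions made for illustration.

```python
from collections import Counter

# Constructed sample traffic: one (second, source_ip) tuple per packet at the network edge.
# Addresses are from the RFC 5737 documentation ranges; none of this is captured data.
NORMAL = [(0, f"192.0.2.{i}") for i in range(1, 21)]                    # 20 clients, 1 packet each
DOS = NORMAL + [(0, "198.51.100.7")] * 500                              # one source floods
DDOS = NORMAL + [(0, f"203.0.113.{i % 250 + 1}") for i in range(500)]   # 250 sources, 2 packets each

PER_SOURCE_LIMIT = 50   # assumed packets/second a per-source firewall rule allows
TOTAL_LIMIT = 200       # assumed packets/second the protected service can absorb


def per_source_counts(packets, second):
    """Count packets per source address within one 1-second window."""
    return Counter(src for ts, src in packets if ts == second)


def classify(packets, second=0):
    """Label a window 'normal', 'dos' (few heavy sources) or 'ddos' (many light ones)."""
    counts = per_source_counts(packets, second)
    total = sum(counts.values())
    if total <= TOTAL_LIMIT:
        return "normal"
    heavy = sum(n for n in counts.values() if n > PER_SOURCE_LIMIT)
    # If over-limit sources carry most of the flood, blocking them stops it (DoS).
    # If no source stands out, the load is spread over a group of devices (DDoS).
    return "dos" if heavy / total >= 0.5 else "ddos"


def load_after_per_source_cap(packets, second=0):
    """Packets per second still reaching the service once every source is capped."""
    counts = per_source_counts(packets, second)
    return sum(min(n, PER_SOURCE_LIMIT) for n in counts.values())


if __name__ == "__main__":
    for name, window in (("normal", NORMAL), ("dos", DOS), ("ddos", DDOS)):
        print(name, classify(window), load_after_per_source_cap(window))
```

With these constructed samples, the per-source cap reduces the single-source flood to 70 packets per second, below the assumed capacity, while the distributed flood still arrives at 520 because no individual sender exceeds the cap.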
Task 2: [50 Marks]
In this task, identify and discuss the different types of defense to secure your network
and specify which defense is suitable for every threat mentioned in Task 1 (Pearce,
2013).
• Use of firewall- This is a network security system used to monitor and control all
the traffic entering and leaving a network. It blocks unauthorized users from reaching
the network by establishing a barrier between the internet and the system. This defense
mechanism can be used to prevent DoS and DDoS attacks.
• Use of antivirus software- This is a computer program for scanning, detecting and
removing malware from a computer. Various antivirus products exist
and can be used to protect against computer viruses, Trojan horses, rootkits, worms,
spam, phishing, and botnet DDoS attacks. Antivirus software can be purchased and
needs to be updated regularly to remain effective. Updating software regularly helps to
protect against the threat of software vulnerabilities.
• Encryption- This is a process in which data is encoded to ensure that only specific
computer systems can access it. It denies access to unauthorized users who lack
the key to decrypt the data. It is used to protect against eavesdropping and data
breaches.
• Digital signature- This is a mechanism for ensuring the authenticity of all the
electronic documents reaching the network, including e-mails, text files, and
other materials. It provides authenticity and integrity for the message received. This
protects against phishing.
• Digital certificate- This is a document on the receiver's computer that proves
the authenticity of the user sending a message. A certificate authority is a third party
that provides digital certificates for use by organizations. It is used to protect against
threats like phishing, data breaches, and eavesdropping.
• Performing a thorough background check before issuing privileged credentials and
conducting privileged-user training for the individuals selected is essential to protect
against privilege abuse.
• Creating strong access control policies of confidentiality, accountability, and
integrity, and creating a good password system should help to protect against weak
access control.
• User education- Users should be taught how best to preserve the network system and
equipped with the practices to observe when using the internet, including safety issues.
• Use of over-provisioning, a brute-force defense, to protect against DoS attacks.
• Website certificates should be kept up to date to ensure the validity of websites and to
protect against these threats.
References
Peterson, L. L., & Davie, B. S. (2007). Computer networks: a systems approach.
Elsevier.
Hutchins, E. M., Cloppert, M. J., & Amin, R. M. (2011). Intelligence-driven computer
network defense informed by analysis of adversary campaigns and intrusion kill
chains. Leading Issues in Information Warfare & Security Research, 1(1), 80.
Pearce, M., Zeadally, S., & Hunt, R. (2013). Virtualization: Issues, security threats,
and solutions. ACM Computing Surveys (CSUR), 45(2), 17.