
The following marking system will be applied to mark allocations for each Lab Sheet.

Marking Schedule for ITSY7.660 Labs

Performance Criteria | Mark Allocation

All the tasks correct

Clearly relates evidence to the topics.

Complete and extra insight added.

Work displays critical thinking and avoids simplistic description or summary of information

Demonstrate an in-depth understanding of the ideas.

Students observed working in a professional manner in the lab.

Some evidence does not support the topics.

Partial (missing information) to complete (all questions attempted)

Work displays critical thinking.

Demonstrate a solid understanding of the ideas.

Topics often lack supporting evidence or were inappropriate.

Even balance between critical thinking and description

Missing or incomplete tasks.

Demonstrate a general understanding of the ideas.

Inaccurate details.

Less than acceptable behavior in the lab.

Lab attendance at a minimum

Maximum marks allocated for each laboratory exercise is indicated for each Lab task.

 

LAB 1 – INFORMATION SECURITY & ATTACK TYPES

Introduction

The lab focuses on network and computing system access. This lab includes investigations into some of the attack methods and target areas used to penetrate the systems within an organization.

 

Details

The lab sheet must be completed and handed in at the end of the session.

The first session will be an evaluation of the current state and definition of IS security within the industry.

The second session will be an investigation into attack methods and target areas. Some of the attack methods will be attempted and evaluated during the practical session.

 

Required

Week 1

“The term ‘information security’ means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide…integrity… confidentiality… availability”

[1] As defined by the USA legal system

The NZ Information security manual defines IS security as “Information security is considered a higher level of abstraction than cyber security relating to the protection of information regardless of its form. The accepted definition of information security within government is: ‘measures relating to the confidentiality, availability and integrity of information’”

a) Using various online resources, try to find and document, with suitable sources, other IS security definitions.

b) Comment on the traditional definition of IS security and the definition of cyber security. [3] [4] [5]

 

Week 2

Attacks are the techniques that attackers use to exploit the vulnerabilities in applications.

c) Attacks are often confused with vulnerabilities. Investigate the two and discuss the key differences between the two. Try to use examples or evidence to support your answer.

d) Use existing literature to try and identify as many active attacks as you can. For each of these attacks identify and describe the vulnerability the attacker exploits.

 

 

LAB 2 – HACKING

Introduction

This lab focuses on hacking techniques.

 

Details

Securing a system without understanding or being aware of the potential threats is next to impossible. Therefore knowing what the threats are is of the utmost importance in systems security, especially when there are terms like cyber warfare and cyber security becoming mainstream terminology. The first session covers methods used to prevent or reduce hacking; this involves the installation and evaluation of an antivirus application. The second session investigates network integrity and some rollover from session 1.

 

Required

Session two will require access to suitable wireless monitoring tools. These can be loaded onto an Android device or a Windows-based computer with an installed Wi-Fi device.

 

Week 3

a) The following website page, http://www.pcmag.com/reviews/antivirus, lists a number of antivirus products.[1]

  • Select five of these products and compare them in terms of features, enterprise support and consumer (free or personal) versions. Discuss the difference between the features for an enterprise version and that of a consumer version.
  • Discuss how a product like Malwarebytes differs from one of the above.
  • Comment on the current industry controversy regarding the statement “Antivirus is Dead”. [2] [3]

 

Week 4

b) Install one of the following products (free version): http://www.avira.com/ or http://www.avast.com/

  • Use the test file from http://en.wikipedia.org/wiki/EICAR_test_file to test the AV.
  • Comment on the results. What does this test not indicate?

c) Scan the campus wireless network and document the available access points in terms of channels, security and connection type.

  • Were there any “open” network access points?
  • Describe the type of security used to secure these “open” network access points.
  • Discuss any potential security holes or attack vectors regarding the campus wireless network.

 

LAB 3 – RISK MANAGEMENT & DATA RETENTION.

Introduction

This lab focuses on policy design and data retention.

 

Details

The first session will concentrate on policy design while adhering to industry standards. The second session will look at methods of storing and retaining data in a secure manner.

 

Required

Week 5

The NZIS manual is used for risk-managed protection of classified information and systems. The purpose of this manual is to ensure that a risk-managed approach to cyber security is applied within government. [1][2]

In other words the manual was not originally intended for the average consumer or enterprise use.

 

a) Discuss how the NZIS manual could be used to provide the necessary guidelines for an organisation that intends or is required to draw up an IS security policy document. Provide examples and evidence to support your answer.

b) Discuss how an IS security policy influences the Disaster Recovery Plan.

 

Week 6

c) Compare and contrast drive/disk backup software with traditional file synchronization backup software.

d) Download and install Duplicati[3] (may be blocked on campus) and DriveImage XML[4].

Prepare step-by-step documentation that can be used by a small business or computer user to backup their personal data onto an external storage device.

Discuss any potential security issues in using this type of software.

e) Discuss the security implications of backing up your data into a cloud storage infrastructure.

  • Pay particular attention to Dropbox, Google drive and Microsoft Onedrive.
  • Duplicati supports cloud features.

 

LAB 4 – PASSWORDS & CRYPTOGRAPHY

Introduction

The lab focuses on password weakness and cryptographic algorithms.

 

Details

The first session demonstrates the weaknesses in various hashing algorithms used to store passwords.

The second lab takes a look at drive/volume encryption using an industry-strength encryption tool known as TrueCrypt.

 

Required

Week 7

a) Download and install Randpass and Hasher from [1] or hashcalc from [3]. Download hashcat-gui from [2] or a prepared version from the G: drive.

b) Use the hashing application to generate an MD5 and SHA1 hash for the string “password”.

  • Use the hashcat-gui to try and “crack” the hash.
  • Document your findings and results – take note of any time taken.

c) Use the Randpass tool to generate a reasonably complex password then use the hashing application to generate an MD5 and SHA1 hash for that password.

  • Use the hashcat-gui to try and “crack” the hash.
  • Document your findings and results – take note of any time taken.

d) Compare passwords “encrypted” with a hashing algorithm like MD5 or SHA1 with passwords encrypted with an encryption scheme such as bcrypt. [4][5]
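The comparison asked for in steps b) to d), as an added example that is not part of the original lab sheet: it shows why an unsalted MD5 or SHA1 value is a poor way to store a password and what a salted, deliberately slow scheme changes. PBKDF2 from the Python standard library stands in for bcrypt here, and the iteration count and function names are assumptions of this example.

```python
import hashlib
import hmac
import os
import time
from typing import Optional, Tuple

ITERATIONS = 200_000  # assumed work factor for this example, not a lab value


def fast_digest(password: str, algorithm: str) -> str:
    """Unsalted single-pass hash, the kind the lab's hashing tools produce."""
    return hashlib.new(algorithm, password.encode("utf-8")).hexdigest()


def slow_hash(password: str, salt: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """Salted, iterated PBKDF2-HMAC-SHA256; returns (salt, derived_key)."""
    salt = os.urandom(16) if salt is None else salt
    key = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return salt, key


def verify(password: str, salt: bytes, expected: bytes) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    return hmac.compare_digest(slow_hash(password, salt)[1], expected)


def cost_ratio(password: str = "password", rounds: int = 1000) -> float:
    """How many times more expensive one PBKDF2 check is than one MD5 hash."""
    start = time.perf_counter()
    for _ in range(rounds):
        fast_digest(password, "md5")
    per_md5 = (time.perf_counter() - start) / rounds
    start = time.perf_counter()
    slow_hash(password, b"\x00" * 16)  # fixed salt only to time one derivation
    per_kdf = time.perf_counter() - start
    return per_kdf / per_md5


if __name__ == "__main__":
    # Unsalted digests are identical on every system, so they can be looked up.
    print("MD5 :", fast_digest("password", "md5"))
    print("SHA1:", fast_digest("password", "sha1"))
    # With a random salt, two users with the same password store different values.
    salt_a, key_a = slow_hash("password")
    salt_b, key_b = slow_hash("password")
    print("same stored value for same password?", key_a == key_b)
    print("correct password verifies:", verify("password", salt_a, key_a))
    print(f"one KDF check costs about {cost_ratio():.0f}x one MD5 hash")
```
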

 

Week 8

e) Download the Truecrypt encryption tool from [6] – portable version will suffice.

  • Use the tool to create a 1GB encrypted volume.
  • Is it possible to “break” into this secured volume? Explain.

f) What does FIPS 140 have to do with cryptography?

  • Comment on the applicability of the FIPS 140 in New Zealand.

 

LAB 5 – NETWORK SECURITY & FIREWALLING

Introduction

The lab focuses on network security with careful attention to firewalls and virtual private networks (VPNs).

NOTE: This lab requires prior network experience or some preparation in regards to understanding IP addressing and networking ports.

 

Details

The lab sheet must be completed and handed in at the end of the session.

Firewalls form a crucial part in cybersecurity and cyberwarfare, but a poorly configured firewall can be just as dangerous as the attacker. This lab looks at some of the more important aspects of configuring the firewall. The second part of this lab looks at creating an extension or secure “pinhole” through the firewall by using a VPN.

The first session will concentrate on a firewall setup using pfSense and the second session will look at Virtual private networks using openVPN.

 

Required

In order for the firewall lab to be successful you may be required to install a 2nd NIC into the pfSense computer – the lab technician can assist with this task. The network details and configurations will be given during the lab session.

 

Week 9

STANDARD VERSION

a) Use a copy of the pre-configured Virtualbox version of pfSense[1] and boot it up on the lab computer.

  • Configure the pfSense interfaces whereby one interface is the red network and the other interface is the green network. Network addresses will be provided during the session.
  • Use the browser on the host computer to connect to the pfSense and take some time to explore the menus and configuration options.
  • Set a rule that permits www traffic (port 80/443) green->red (egress) but not red->green (ingress).
  • Test your configuration and document your findings/results for this experiment.

 

ADVANCED VERSION

a) Use a copy of the LiveCD version of pfSense[1] and boot it up on the lab computer.

  • Configure the pfSense interfaces whereby one interface is the red network and the other interface is the green network.
  • Using a second computer connect to the pfSense using a web browser and take some time to explore the menus and configuration options.
  • Set a rule that permits www traffic (port 80/443) green->red (egress) but not red->green (ingress).
  • Test your configuration and document your findings/results for this experiment.

 

b) Discuss the security implications of having a single physical network interface firewall versus a dual physical network interface firewall.

EIT Hawke’s Bay Bachelor of Computer Systems

 

Week 10

c) Download a copy of openVPN[2] and install it onto two computers.

  • Configure the openVPN installations as a client and a server using static keys.
  • Test your configuration and document your findings/results for this experiment.
  • Configure the previous pfSense installation to support an openVPN server.
  • Keep the openVPN installations for the Week 11 session

d) Discuss the security issues related to the inbuilt VPN features supported by the MS Windows operating systems.

 

LAB 6 – RU5DUllQVElPTg==[1]

Introduction

This lab takes a look at encryption and intrusion detection systems.

 

Details

The first session will use a tool, XCA[2], to generate various types of digital certificates and apply them.

The second session will cover some experiments in intrusion detection systems using well-known tools.

 

Required

Week 11

a) Download a copy of XCA[2] and install it onto a computer.

  • Create a new database.
  • Generate a root CA (certificate authority) certificate.
  • Generate a CA-signed and a self-signed certificate.
  • Generate DH parameters (required by openVPN).
  • Take the openVPN setup from the Week 10 lab and replace the static keys with the certificates you have just generated.

b) Discuss the importance of having a trusted CA and the impact a compromised root CA can have on the industry.

 

Week 12

a) Download a copy of Wireshark[2] and Fiddler[5] and install them onto a computer with an openVPN installation.

  • Use the tools to monitor the traffic.
  • Start up a webserver on the openVPN server computer that is already installed on the computers and browse to this webserver from another openVPN client computer.
  • Discuss the contents and nature of the traffic generated by the openVPN when observed in Wireshark and Fiddler.

b) Download a copy of either Backtrack or Kali Linux. You will need to install this distribution onto a USB stick or burn it onto a DVD. Start the lab computer up with the DVD or the USB stick.

  • Examine some of the tools on the distribution and document your results/findings including the name of the tools used.

 

LAB 7 – E-COMMERCE & WIRELESS SECURITY

Introduction

This lab takes a look at the security in and around an e-commerce installation and reviews the security associated with wireless networking.

 

Details

The first session is an investigation into the nature of the security associated with e-commerce installations. This includes the browser, communications medium, application/web server and database server.

The second session takes a look at the various wireless network types and some of the security protocols.

 

Required

Week 13

What is known as e-commerce security should not be limited to web applications associated with financial transactions but should extend to all web applications that store or handle private and personal information.

a) In the above context, identify as many security issues, including threats, as you can within the following groups:

  • Web browser technology.
  • Network or internet communications medium.
  • Web application – WordPress, Joomla, bespoke, etc
  • Web server.
  • Database.

 

Week 14

b) There are a number of wireless network standards in the industry.

    • Identify the wireless network standards.
    • Identify the security protocols supported by each standard.
    • Comment on any weaknesses associated with each of the security protocols.

 
