Lab Report Network Assessment and Defense Training Manual (Lab Report Sample)
To illustrate some of the vulnerabilities of a network system, based on a recently completed lab report.
Network Assessment and Defense Training Manual
As a way of advancing NSSD company's strategic goals and objectives, this training manual provides network security guidelines to be adopted by all the company's stakeholders in protecting the code and software development process, as well as sensitive client information, from internal and external breaches. The main purpose of the training manual is to provide IT personnel with the required network security tools, software and methods that can be implemented in the IT system of the company to prevent or mitigate any network security threats that may occur. This comes as a countermeasure to the most recent network security breach, which led to the possible loss of private information of the company and its clients. This training manual is a security policy update, and it is seen as a means of strengthening the network security system to prevent future security breaches and to mitigate them in the event that they occur. The manual provides some of the recommended network defense, mitigation and incident response methods and strategies.
The role and objective of the network defense methods and strategies is to develop and implement a defense mechanism that will secure the company's network and IT systems from anomalous activities. The defense mechanisms are meant to seal all the security loopholes and vulnerabilities that exist within the company's network and IT systems, which unauthorized personnel or a hacker can use to gain unauthorized access to the system and cause damage (Kumar & Kaliti, 2015). The defense mechanism is a preventive approach to dealing with the security threats within the company. These methods and strategies protect the company's network and IT system from all possible interference, whether internal or external.
The role and objectives of mitigation methods and strategies are to initiate various procedures and tools to address the occurrence of a given security breach or attack. These methods and strategies define the software, tools and procedures to be implemented to handle a given security attack that has breached the network defense system and either interfered with or caused damage to the company's sensitive data and code. The main purpose of the mitigation methods and strategies is to prevent a wide-scale impact of a security attack that has breached the defense system and to provide various tools that can be implemented to recover from such attacks.
The role of incident response methods and strategies is to provide the actions and procedures that should be carried out and followed by the IT personnel in responding to a particular security attack. They include various tools and programs that need to be initiated immediately after the occurrence of a particular security breach so as to limit its scale of impact and mitigate it accordingly. The main purpose of the incident response strategies is to put the company in a position to handle the security breach and recover from any hazards that might have been caused by that breach.
* Traffic Analysis
In traffic analysis, the strategy recommended for analyzing and identifying various network security threats is the use of packet capturing tools. Packet capturing tools monitor the network 24/7 by providing statistical information about protocols and node usage within a given network. Packet capturing tools help show the packets that have been blocked or forwarded, and then characterize these packets based on patterns of malicious activities (ScienceDirect, 2016). Statistical information from packet capturing tools such as packet sniffers can be analyzed and interpreted accordingly to identify individual packets that are malicious or potential threats to the network security system.
Fig. 1. Screenshot from Flowmon packet capturing tools
If the packet capturing tool identifies malicious packets or traffic anomalies, the IT personnel are required to shut down the flow of traffic containing the malicious packets. The traffic anomalies in the packet capturing tools are characterized based on their priorities (high, medium, low and legitimate traffic). All network processes containing high priority traffic anomalies should be blocked by the network administrators of the company to prevent any security breach. In the event of a security breach, the traffic logs with high priority anomalies should be analyzed to identify the origin of the attack.
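The triage described above, as an added example that is not part of the original report: it takes anomaly records labelled with the manual's four priorities, lists the distinct high-priority flows to block, and ranks source addresses for post-breach review. The CSV layout and all addresses are constructed assumptions, not the export format of any particular capture tool.

```python
import csv
import io
from collections import Counter

PRIORITIES = {"high", "medium", "low", "legitimate"}

# Constructed export: src,dst,dport,proto,priority (documentation address ranges).
SAMPLE_CSV = """\
203.0.113.7,192.0.2.10,22,tcp,high
203.0.113.7,192.0.2.10,22,tcp,high
203.0.113.7,192.0.2.11,3389,tcp,high
198.51.100.23,192.0.2.10,445,tcp,high
198.51.100.40,192.0.2.20,53,udp,medium
192.0.2.60,192.0.2.10,80,tcp,low
192.0.2.55,192.0.2.10,443,tcp,legitimate
"""

def parse(text):
    """Parse the export into dicts; reject rows with an unknown priority label."""
    rows = []
    for src, dst, dport, proto, prio in csv.reader(io.StringIO(text)):
        prio = prio.strip().lower()
        if prio not in PRIORITIES:
            raise ValueError(f"unknown priority {prio!r}: review manually")
        rows.append({"src": src, "dst": dst, "dport": int(dport),
                     "proto": proto, "priority": prio})
    return rows

def flows_to_block(rows):
    """Distinct high-priority flows, in first-seen order, for the block list."""
    flows = []
    for r in rows:
        key = (r["src"], r["dst"], r["dport"], r["proto"])
        if r["priority"] == "high" and key not in flows:
            flows.append(key)
    return flows

def likely_origins(rows, top=3):
    """Rank sources by high-priority anomaly count for post-breach log review."""
    return Counter(r["src"] for r in rows if r["priority"] == "high").most_common(top)

if __name__ == "__main__":
    rows = parse(SAMPLE_CSV)
    for flow in flows_to_block(rows):
        print("block", flow)
    print("origins", likely_origins(rows))
```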
The company will use a Cisco ASA 5505 for the firewall configuration. The IT personnel should configure the firewall to block all traffic by default and only allow specific traffic to services that are known. For access rule configurations, a layer 4 firewall that specifies the source IP address, the destination IP address and the destination port should be used (Flowmon, 2017). This will only allow traffic for known network services and operations of the company. The figure below shows the Cisco ASA 5505 firewall security configuration.
Fig. 2. Screenshot from Cisco Networks
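A model of the default-deny, layer 4 rule evaluation described above, added here as an example and not taken from the report or from Cisco's software: traffic is permitted only when an allow rule matches its source, destination and destination port, and a small audit flags rules broad enough to undo the default. The rule set, addresses and function names are constructed assumptions.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    src: str            # source network, CIDR
    dst: str            # destination network, CIDR
    dport: int          # destination port
    proto: str = "tcp"

# Constructed allow-list (documentation address ranges), one rule per known service.
ALLOW = [
    Rule("0.0.0.0/0", "192.0.2.10/32", 443),       # HTTPS to the web server
    Rule("198.51.100.0/24", "192.0.2.20/32", 22),  # SSH from the admin network only
]

def decide(rules, src, dst, dport, proto="tcp"):
    """Permit on the first matching allow rule; deny everything unmatched."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for r in rules:
        if (proto == r.proto and dport == r.dport
                and s in ipaddress.ip_network(r.src)
                and d in ipaddress.ip_network(r.dst)):
            return "permit"
    return "deny"  # the default: no rule, no access

def overly_broad(rules):
    """Return rules whose source and destination are both 'any' networks."""
    return [r for r in rules
            if ipaddress.ip_network(r.src).prefixlen == 0
            and ipaddress.ip_network(r.dst).prefixlen == 0]

if __name__ == "__main__":
    probes = [
        ("203.0.113.5", "192.0.2.10", 443),   # known service
        ("203.0.113.5", "192.0.2.20", 22),    # SSH from outside the admin network
        ("198.51.100.9", "192.0.2.20", 22),   # SSH from the admin network
        ("203.0.113.5", "192.0.2.10", 80),    # no rule for this port
    ]
    for src, dst, port in probes:
        print(src, "->", f"{dst}:{port}", decide(ALLOW, src, dst, port))
    print("broad rules:", overly_broad(ALLOW))
```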
The network sh