CS707 Network Security

Spring 2015
Assignment No. 1
ID:
MS150200187
Name:
Muddssar Hussain
Question No.1
In this world of Information Technology the business corporations are
converging digitally for exchange of information with their customers and business
partners electronically through internet. But internet is a threat environment where
Bad Peoples like hacker and lot of threats in the form of viruses can harm business
goals.
Some of the most important threats which can harm your business are as follows:
Threats to a wireless network:

Disgruntled employees
Phreaker
White hat
Black hat
Trojan horses and Rootkits
Spywares
Social Engineering attacks
Phishing
Scams
Denial of Service (DoS) Attacks
Fraud, Theft
Stealing Sensitive data about customers and employees
Identity theft
Financial and Intellectual Property Theft
Brute force key cracking

Counter Measures to stop network intruders:

As an IT security Incharge I will establish effective security policies and procedures
to avoid compromise or breach into my network. My main goal to achieve three
security goals referred as CIA (Confidentiality, Integrity and Availability).
Some of the counter measures that will I adopt to avoid intruders to breach into my
network are:

I will use cryptography technique to transfer my readable by the text into a

form that is not readable called ciphertext. The Eavesdropper will not be able
to decrypt it back into plain text.
I will use the cipher and keys technique to encrypt and decrypt information
for stronger confidentiality.
I will use effective encryption algorithms to stop intruders to read information
if breached.
I will use Steganography which is an effective method of information hiding
so that one will not notice that there is secret information in it.
I will use One Time Pad encryption method in which binary additive stream
ciphers are used to generate truly random keys then combined with plain text
for encryption which are unbreakable.

I will use digital water marking techniques to hide the data in an image, audio
clip other work of media with the work itself. It is hidden from the user in
normal use but become visible after some especial viewing process.
Proper prevention measures from being attacked
Proper ways and procedures to detect breaching
I will establish well defined procedure to get may business back on track after
it has been breached or some damage have done..
Install and maintain an effective firewall configuration to protect my network.
I will use advance encryption techniques to secure sensitive company data.
I will use Updated and well known antivirus software.
I will develop strong password policies
Proper User authentication
Secure and encrypted Wi-Fi protected access
Job logs/ access logs
IP filtering

Question No.2
Ex-employees are very dangerous for an organization because they can
breach into to the network in many ways. Some of the possibilities of breaching into
networks are as under:

He can use logic bomb program to erase important companys information

and programs that can make the company suffer.
He can hack into our network system because he has extensive knowledge
of our company and knows the working and weakness in our network.
The ex-employee may hurt the company financially because he may know
the methods and financial matters of the company.
He can use crackers to crack passwords and key loggers and some malicious
programs that can send important information like computer passwords and
email passwords to the employee.
He can sell our trade secrets to other companies to get his benefits.
He can steel customers contact list to contact customers own their own or
to sell this precious information to the business rivals.
The ex-employ can extort the firm to threat the company for his interest. He
can use logic bomb and blackmail the company to provide money or some
information if they want to avoid damage or loss of precious data.
He can sexually harass other employees or female owner to get employed
again or some other purposes.