answer 3 discussion questions 2

Discussion 1: Vulnerability Analysis

The list below, pick the four most significant attacks you would consider in the network security design process. Provide at least four high-level security policies and describe mitigation technologies.

Medium Network Campus Top 10 Attacks

Attack

Identity spoofing

Virus/worm/Trojan horse

Rogue devices

Sniffer

Man-in-the-middle (MITM)

War dialing/driving

Direct access

ARP redirection/spoofing

Remote control software

Buffer overflow

Discussion 2: Preparing for an Audit

The result of an information security audit can impact a business significantly. Failure to pass an audit usually means that information systems are not secure. This could result in the loss of customer confidence; the loss of business opportunities and stiff penalties could be imposed if federal regulations and standards were not met. Understanding the audit process can help employees bring more value to their organization. In the following discussion, you will evaluate the audit process and discuss some key issues that organizations should consider.

Instructions;

Read through the following documents

Read through the Popescu article. The authors discuss other important ways to prepare for an audit. Select four areas from this reading that an organization should consider during an audit.

Discussion 3: Windows Security

To many, the most important file on a Windows system is the SAM file. This is where the hashes for the users are stored. The hashes are not salted in Windows, so rainbow tables can be utilized. All of the operating systems prior to Windows Vista use a LM hash and an NT hash. Starting with Windows Vista, only the NT hash is used by default.

Discuss the SAM file and discuss password cracking tools or websites that can be used to crack Windows password hashes. Some of the most popular tools are John the Ripper, Cain, and ophcrack, which are all free. Finally, you might want to mention if the hashes from Active Directory are stored in the SAM file. If not, where are they stored?

Here is a list of some password hashes. You may elect to crack some of them and explain how you did it for part of this discussion. Also, please do not spoil it for your classmates and crack all of the passwords below.

Administrator:””:””:921988BA001DC8E14A3B108F3FA6CB6D:E19CCF75EE54E06B06A5907AF13CEF42

Guest:””:””:AAD3B435B51404EEAAD3B435B51404EE:31D6CFE0D16AE931B73C59D7E0C089C0

krbtgt:””:””:AAD3B435B51404EEAAD3B435B51404EE:69B03C034DA89B3E0A824D393ADBFA75

SUPPORT_388:””:””:AAD3B435B51404EEAAD3B435B51404EE:962F4737E27E2F30C1B2080DE741BEE9

IUSR_SERVER:””:””:F16534E45F5C441F0C9B8A6757A2DD26:9A3D15D3969E1AACBC3E7B001B7AEDB4

IWAM_SERVER:””:””:9CADB50562599885A95F9229BA192885:8A249FC47CBF728107D93F72CBF11F6C

ASP””:””:E9AA7F1E22D9BE4AA31D729B1370A06C:60E269A7615FD554524D39BD6FA03B73

8E3F3522-DBCC-4040-A:””:””:AAD3B435B51404EEAAD3B435B51404EE:73BF9D67BBD187644CF2BCC2AB6E0E8D

antonio:””:””:0ED3D91389ACB5F4B267DF22CB945E3E:895C4794EBABF311D888C27565F4743B

alex:””:””:3C6FFCF797C0CB69B79AE2610DD89D4C:CD9E25FC389A47DFF41DC823ED750ACD

jessica:””:””:6279A086DF44F8674BBF904BD45DD8B6:A12DB999F58484F2BBFAB57D5AC35849

partick:””:””:AA79E536EDFC475E1FD352BDD2352014:D316A79FFAE36A556FEA176E3A663F29

jesse:””:””:81CBBF89080A4C47AAD3B435B51404EE:93DA2C1F3C964AE9105AD7BD566E2561

ajay:””:””:1A75F05EC01E47F0AAD3B435B51404EE:C12A3C6A81704B3BFACEC61CF502EEDE

val:””:””:739A57A8A0CF3013AAD3B435B51404EE:7A3602E4B4CD6BB73E1B0F8D9EBC1593

jimmy:””:””:97BD484586C5D6326159F8F809147DAE:B84FB0AB9693EF6A84675BEAE63FE5A7

elmo:””:””:7B96B77A223162B1AAD3B435B51404EE:2C8A51B3BC2395D6F3623A0B7C4F1CFA

zombie:””:””:E5262769CD7BE10DAAD3B435B51404EE:CF563AC5D3FD5DBF665A4240482467AD

kermit:””:””:85CF5B940A2C076CAAD3B435B51404EE:488CDCDD2225312793ED6967B28C1025

oscar:””:””:85CF5B940A2C076CAAD3B435B51404EE:488CDCDD2225312793ED6967B28C1025

bigbird:””:””:4A1E6840967FA270AAD3B435B51404EE:BB3876FA436EECA003EFD946774F7C5D

luke:””:””:0FB2BA42035F6B70AAD3B435B51404EE:4B43CB4B09E7F914A0AF81DBCC4B7256

vader:””:””:E29AE80C840FCFCCAAD3B435B51404EE:025A8834D18CBF4EBEC5B1B033053070

jabba:””:””:C4568A7A1D15528EAAD3B435B51404EE:3BF83D07E6B7524B6F6CD5788054757F

r2d2:””:””:16209367625F0E2EAAD3B435B51404EE:CA1E2799CF207BBCB88B6FBB3B9AE0B4

c3p0:””:””:5C71E134537B07F6AAD3B435B51404EE:A51CDE4077A4C7860C69B6225DE0B902

chewbacca:””:””:42637E7AA1F0B514AAD3B435B51404EE:D35145AB4433D044FA7A4FB93886381F

han:””:””:B2CE70CE4C795680AAD3B435B51404EE:4552D7D4DA5A5EF21D7C3BD9FCE88E68

lando:””:””:42495678E8EB733AAAD3B435B51404EE:CB8C645F64E630E1526E46D73DAEA40C

SERVER$:””:””:AAD3B435B51404EEAAD3B435B51404EE:D63E48A89A777A96F1007482EB152185

After answering these questions, can you please go on my blackboard and reply to 2 students for each post. So 6 total replies to students. I will give you my login info. The initial answer you can do within 1 day, the replies to other students is due Sunday June 23rd by 11:59pm.

0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published.