Reference no: EM132294657
Activity 1
You work as a network security administrator at ABC Company, and you have noticed that your organization's network and systems are experiencing different kinds of intrusion. Select an appropriate IDS for each of the following cases:
1. Employees in the media and communication department are always accessing different social media applications/websites from their PCs. Hence, these PCs are always attacked by different malware. You want to detect these attacks.
2. One specific portable PC is always misused by users in your organization.
3. Your organization has multiple branches in Nizwa, Sohar and Salalah. Your branches are always facing a well-known spoofing attack.
4. Your organization is facing distributed denial of service attacks which affect the availability of internal and external services.
5. You have contacted an international vendor to provide you with the newest IDS on the market. The vendor suggested Symantec IDS software, which requires high processing capacity; however, your organization doesn't have a single machine that can satisfy all the processing requirements. This IDS can be used with clustering techniques.
6. Your organization's database has been attacked. Your current IDS could not detect this attack because it is a new attack which has never occurred before.
Activity 2:
1. A network can be secured by deploying different security controls, including the three that appear to be the most frequently used: IDS, firewall and antivirus.
A. Explain the differences between an IDS, a firewall and antivirus.
B. Deploying only one of these controls is not enough to protect your network. Accordingly, analyze the following cases.
I. A portable storage device has been used and infected outside the corporate network, and then attached and used in your LAN. Justify why a firewall will fail to protect your network from being infected. Suggest a security control for this scenario.
II. An unauthorized user is trying to access your LAN through the Internet. Justify why an IDS will fail to protect you from this unauthorized access. Suggest a security control for this scenario.
III. You want to establish secure extranet and intranet connectivity with partners. Justify why a firewall might not be enough to provide appropriate security. Suggest another security control that can be added to provide better security.
IV. A newly released malware has attacked your LAN through an end user device. Justify why antivirus could not protect you from this malware. Suggest a security control that can detect this malware.
Attachment:- Network configuration.rar