Introduction to Packet Capture and Intrusion Detection/Prevention Systems

You are a network analyst on the fly-away team for the FBI’s cybersecurity sector engagement division. You’ve been deployed several times to financial institutions to examine their networks after cyberattacks, ranging from intrusions and data exfiltration to distributed denial-of-service attacks on the networks supporting customer transaction websites.

A representative from the Financial Services Information Sharing and Analysis Center, FS-ISAC, met with your boss, the chief net defense liaison to the financial services sector, about recent reports of intrusions into the networks of banks and their consortium. He’s provided some of the details of the reports in an email.

“Millions of files were compromised, and financial officials want to know who entered the networks and what happened to the information. At the same time, the FS-ISAC has seen extensive distributed denial of service disrupting the bank’s networks, impacting the customer websites, and blocking millions of dollars of potential transactions,” his email reads.

You realize that the impact from these attacks could cause the downfall of many banks and ultimately create a strain on the US economy. In the email, your chief asks you to travel to one of the banks and, using your suite of network monitoring and intrusion detection tools, produce two documents: a report to the FBI and FS-ISAC that contains the information you observed on the network, and a joint network defense bulletin to all the banks in the FS-ISAC consortium, recommending prevention methods and remediation against the types of malicious traffic activity that they may face or are facing.

Network traffic analysis and monitoring help distinguish legitimate traffic from malicious traffic. Network administrators must protect networks from intrusions. This can be done using tools and techniques that use past traffic data to determine what should be allowed and what should be blocked.
In the face of constantly evolving threats to networks, network administrators must ensure their intrusion detection and prevention systems are able to analyze, monitor, and even prevent these advanced threats.

In this project, you will research network intrusion and prevention systems and understand their use in a network environment. You will also use monitoring and analysis technologies in the Workspace to compile a Malicious Network Activity Report for financial institutions and a Joint Network Defense Bulletin for a financial services consortium.

The following are the deliverables for this project:

Deliverables

Malicious Network Activity Report: An eight- to 10-page double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables, or citations.
Joint Network Defense Bulletin: A one- to two-page double-spaced document.
Lab Report: A Word document sharing your lab experience along with screenshots.

There are eight steps to complete the project. Most steps in this project should take no more than two hours to complete, and the entire project should take no more than two weeks to complete. Begin with the workplace scenario and continue to Step 1, Create a Network Architecture Overview.

Step 1: Create a Network Architecture Overview

As part of your assignment to report on prevention methods and remediation techniques for the banking industry, you would have to travel to the various bank locations and gain access to their networks. However, you must first understand the network architecture of these banks.

Provide a network architecture overview along with diagrams. Your overview can be fictitious or based on an actual organization. The goal is to provide an understanding of the network architecture.

Describe the various data transmission components. Select the links below to review them:
1. User Datagram Protocol (UDP)
2. Transmission Control Protocol/Internet Protocol (TCP/IP)
3. internet packets
4. IP address schemes
5. well-known ports and applications

Address the meaning and relevance of information, such as:
1. the sender or source that transmits a message
2. the encoder used to code messages
3. the medium or channel that carries the message
4. the decoding mechanisms used
5. the receiver or destination of the messages

Describe:
1. the intrusion detection system (IDS)
2. the intrusion prevention system (IPS)
3. the firewalls that have been established
4. the link between the operating systems, the software, and hardware components in the network, firewall, and IDS that make up the network defense implementation of the banks' networks.

Identify:
1. how banks use firewalls
2. how banks use IDSs
3. the difference between these technologies

Include:
1. the network infrastructure information
2. the IP address schemes that will involve the IP addressing assignment model
3. the public and private addressing and address allocations
4. potential risks in setting up the IP addressing scheme

Here are some resources to review:
intrusion detection and prevention (IDS/IPS) systems
firewalls

Identify:
1. any well-known ports and applications that are used
2. risks associated with those ports and applications being identified and possibly targeted

Add your overview to your report. In the next step, you will identify network attacks and ways to monitor systems to prevent these attacks.

Step 2: Identify Network Attacks

In the previous step, you provided an overview of the network architecture. In this step, you will identify possible cyberattacks such as , session hijacking, and . Provide techniques for monitoring these attacks using knowledge acquired in the previous step.
Review the following resources to gain a better understanding of these particular cyberattacks:
Session hijacking: spoofing/cache poisoning attacks
Man-in-the-middle attacks

One way to monitor and learn about malicious activities on a network is to create honeypots. Propose a honeypot environment to lure hackers to the network and include the following in your proposal:
1. Describe a honeypot.
2. Explain how a honeypot environment is set up.
3. Explain the security and protection mechanisms a bank would need for a honeypot.
4. Discuss some network traffic indicators that will tell you that your honeypot trap is working.

Include this information in your final report. However, do not include this information in the bulletin to prevent hackers from being alerted about these defenses.

Then, continue to the next step, where you will identify false negatives and positives.

Step 3: Identify False Positives and False Negatives

You just identified possible information security attacks. Now, identify the risks to network traffic analysis and remediation. Review the resources on false positives and false negatives and discuss the following:
1. Identify what are false positives and false negatives.
2. How are false positives and false negatives determined?
3. How are false positives and false negatives tested?
4. Which is riskier to the health of the network, a false positive or a false negative?

Describe your analysis about testing for false negatives and false positives using tools such as IDSs and firewalls, and include this as recommendations for the banks in your public service Joint Network Defense Bulletin.

Discuss the concept of performing statistical analysis of false positives and false negatives. Explain how banks can reduce these issues. Research possible ways to reduce these events and include this information as recommendations in the Malicious Network Activity Report.

Network intrusion analysis is often done with a tool such as Snort.
Snort is a free and open-source intrusion detection/prevention system program. It is used for detecting and preventing malicious traffic and attacks on networks, analysis, and education. Such identification can be used to design signatures for the IDS, as well as to program the IDS to block this known bad traffic.

Network traffic analysis is often done using tools such as Wireshark. Wireshark is a free and . It is used for network troubleshooting, analysis, software and communications protocol development, and education.

Cybersecurity professionals must know how to perform network forensics analysis. In the next step, you will analyze network traffic.

Step 4: Analyze Network Traffic

In the previous step, you identified and analyzed risks related to false negatives and false positives. For this step, you will analyze network traffic, conduct network forensics analysis, and identify malicious network addresses.

Enter Workspace and perform the network traffic analysis. During this step, you will also develop proposed rules to protect against known malicious sites and to test for these signatures.

Complete This Lab

Resources
Accessing the Virtual Lab Environment: Navigating UMGC Virtual Labs and Lab Setup
Self-Help Guide (Workspace): Getting Started and Troubleshooting
Link to the Virtual Lab Environment: https://vdi.umgc.edu/

Lab Instructions
Detecting Malicious Attacks (Snort and Wireshark)

Getting Help
To obtain lab assistance, fill out the support request form. Make sure you fill out the fields on the form as shown below:
Case Type: UMGC Virtual Labs Support
Customer Type: Student (Note: faculty should choose Staff/Faculty)
SubType: ELM-Cyber (CST/DFC/CBR/CYB)
SubType Detail: Pick the category that best fits the issue you are experiencing
Email: The email that you currently use for classroom communications

In the form’s description box, provide information about the issue.
Include details such as steps taken and system responses, and add screenshots or supporting documents.

Professionals in the Field

This program of study has exposed you to a variety of cybersecurity tools. Can you summarize what these tools do? Can you discuss their use in new situations? Can you do this for both technical and nontechnical staff?

As you progress in your career, you will likely need to sway people who hold authority over cybersecurity decisions. These people may know very little about cybersecurity, but they will understand their own goals within the organization. It's not enough to just be well-versed on the technical side; sometimes you must be able to explain in understandable terms how a computing platform will be affected by a breach.

Step 5: Determine Sensitivity of Your Analysis

In the previous step, you completed network analysis. In this step, you will determine which information to include in which document. Information appropriate for internal consumption may not be appropriate for public consumption. The Joint Network Defense Bulletin may alert criminals of the network defense strategy. Therefore, be careful about what you include in this bulletin.

Once you have assessed the sensitivity of the information, include appropriate information in your Malicious Network Activity Report. Then, include appropriate information in the Joint Network Defense Bulletin in a way that educates the financial services consortium of the threat and the mitigating activities necessary to protect against that threat.

Step 6: Explain Other Detection Tools and Techniques

In the previous step, you included appropriate information in the proper document. In this step, perform independent research and briefly discuss what other tools and techniques may be used to detect these signatures. Provide enough detail so that a bank network administrator could follow your explanation to deploy your system in production.
Include this information in the Joint Network Defense Bulletin. Next, move to the next step, where you will organize and complete your report.

Step 7: Complete Malicious Network Activity Report

Now that you have gathered all the data for your Malicious Network Activity Report, it is time to organize your report. The following is a suggested outline:
1. Introduction: Describe the banking institution and the issue you will be examining.
2. Overview of the Network Architecture
3. Network Attacks
4. Network Traffic Analysis and Results
5. Other Detection Tools and Techniques
6. Recommended Remediation Strategies

Submit your report to the Assignments folder in the final step. You are now ready for the last piece of this project, the Joint Network Defense Bulletin.

Step 8: Create the Joint Network Defense Bulletin

In this step, you will create the Joint Network Defense Bulletin. Compile the information you have gathered, taking care to eliminate any sensitive bank-specific information. The Joint Network Defense Bulletin is an educational document for the financial services consortium. This bulletin should be addressed to the FBI chief and the FS-ISAC representative.

Here is a list of the final deliverables for Project 2.

Deliverables

Malicious Network Activity Report: An eight- to 10-page double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables, or citations.
Joint Network Defense Bulletin: A one- to two-page double-spaced document.
Lab Report: A Word document sharing your lab experience along with screenshots.

Submit all deliverables to the Assignments folder below.

Before you submit your assignment, review the competencies below, which your instructor will use to evaluate your work. A good practice would be to use each competency as a self-check to confirm you have incorporated all of them in your work.