Assignment 2: LASA 2: Analysis of an Intrusion Detection System Report

Assignment 2: LASA 2: Analysis of an Intrusion Detection System Report

This assignment builds upon the scenario introduced in LASA 1, from the organization Open Water Diving and Scuba Institute (OWDSI). Specifically, your focus will be on preparing a second supplemental report of approximately 8–10 pages that discusses the organization’s intrusion detection system (IDS) and some of the recent reports from this system.

Scenario:

OWDSI’s network engineers and system administrators have reported a number of strange network behaviors and system outages. A variety of traffic has been captured in response to this. In addition, network engineers report that the school is seeing very high levels of traffic from a wide variety of hosts and that this traffic is causing outages of the school’s public-facing web server and other internal computer systems.

Management has requested that you review the network traffic to determine whether the institution’s IDS and intrusion prevention systems (IPSs) can be used to prevent inbound attacks that are being detected. Your manager has requested that you analyze the detected attacks and create a report that describes each attack. Explain the threat it presents and whether the use of an IDS or an IPS is a suitable response.

The following is a compiled list of odd network behaviors reported by network engineers and system administrators of OWDSI:

Network traffic analysis shows that a single host is opening hundreds of secure shell (SSH) sessions to a single host every minute.
Network traffic shows that hundreds of hosts are constantly sending only synchronized (SYN) packets to a single web server on campus.
A system administrator reports that a single host is attempting to log on to a campus SSH server using different user name and password combinations thousands of times per day.
A new PDF-based exploit is announced that uses a malformed PDF to exploit Microsoft Windows XP systems.
Campus users are receiving e-mails claiming to be from the campus helpdesk. The e-mails ask for users to send their user names and passwords to retain access to their e-mails.
A domain name system (DNS) changer malware package has been located on one of the servers.
A JavaScript vulnerability is being used to exploit browsers via ad networks on major news sites, resulting in systems being infected with malware.
A zero-day vulnerability has been announced on the primary campus backup software’s remote administration interface.
A virus is being sent via e-mail to campus users.
Tasks:

In a Microsoft Word document, prepare an 8- to 10-page report that addresses the various system irregularities. Your report should consist of the following:

A cover page
A table of contents
An executive summary
Develop an overview of the organization’s key system issues and your recommended remedies
System irregularities
Identify and describe each attack listed
Include an explanation of what each attack is trying to accomplish
Analysis and recommendations
Discuss how each of the vulnerabilities could be a potential issue and what the symptoms of each include
Recommend how to address each of the nine odd network behaviors as described in the assignment scenario above. Justify your responses
Determine whether an IDS could or should be used to detect each attack and whether each should be blocked using an IPS. Justify your responses
References
Note: Utilize at least three scholarly or professional sources (beyond your textbook) in your paper. Your paper should be written in a clear, concise, and organized manner; demonstrate ethical scholarship in accurate representation and attribution of sources (i.e., in APA format); and display accurate spelling, grammar, and punctuation.

Submission Details:

By Week 5, Day 5, save your document as M5_A2_Lastname_Firstname.doc and submit it to the M5 Assignment 2 LASA 2 Dropbox.
LASA 2 Grading Criteria and Rubric

All LASAs in this course will be graded using a rubric. This assignment is worth 300 points. Download the rubric and carefully read it to understand the expectations.

Assignment 2 Grading CriteriaMaximum PointsDeveloped an overview of the organization’s key system issues and your recommended remedies.44Identified and described each attack listed and explained what each attack is trying to accomplish.44Discussed how each of the vulnerabilities could be a potential issue and what symptoms of each include.44Recommended how to address each of the nine odd network behaviors. Justified your responses.52Determined whether an IDS could or should be used to detect each threat and whether each should be blocked using an IPS. Justified your responses.52Wrote in a clear, concise, and organized manner; demonstrated ethical scholarship in accurate representation and attribution of sources; and displayed accurate spelling, grammar, and punctuation.64Total:300

Get Original Answer Now

Order This Solution

Ask your homework question

 

INDIVIDUAL APPROACH:
Chat with every writer who applies to your request, and view their skills and portfolio. Make the choice that’s right for you.
MANAGE YOUR ORDER:
Monitor progress and see any changes made. Have full control over every phase of the process.
COMMUNICATE:
Ask your writer questions and provide your ideas about your paper. Produce the exact result that you want.
ENJOY THE OUTCOME:
Get everything done on time with high quality. Writing papers is much simpler with us.

Ask your homework question

 

© 2017 theacademicessays. All Rights Reserved. Design & Developed by theacademicessays.
Loading...