Assignment 12

Total Score: High risk

74 %

Total Number of Reports

1

Highest Match

74 %

SecurityArchitectureandDesign.docx

Average Match

74 %

Submitted on

07/27/19

08:44 PM CDT

Average Word Count

646

Highest: SecurityArchitectureandDesign.…

Attachment 1

Institutional database (4)

74 %

Word Count: 646 SecurityArchitectureandDesign.docx

73 %

Student paper Student paper Student paper Student paper

3

2

5

1

Internet (1) 1 %

onepoint

4

Top sources (3)

Student paper

3

Student paper

5

Student paper

1

Excluded sources (0)

Running Head: 1 SECURITY ARCHITECTURE & DESIGN 1

SECURITY ARCHITECTURE & DESIGN 2

Security Architecture and Design Name: Nagaraju Kolli

1 Security Architecture and Design

From the manuscript by Stewart, security architecture and design comprise of the practices and policies that are usually adopted in the monitoring and prevention of unauthorized denial, modification, misuse or access of network-accessible resources as well as a computer network (Stewart, 2013). Thus, network security is convoluted in enterprises, organizations and other kinds of institutions. Network security management consists of diverse procedures and rules which get adopted by numerous network administrators to facilitate the fact that unauthorized users do not attain access. Security on the other hand consists of several policies which tend

to limit access (Stewart, 2013). This process ensures that the network not only protects but also manages and secures the operations of a network. 2

different types of Threat Modeling Tools

Explain

3 Stride is a model of security threat that has been built by Microsoft and categorizes the security threats that get associated with one’s computer (Abomhara et.al,

2015). STRIDE is normally comprised of diverse threat categories. They are: - i. Spoofing

ii. Tampering

iii. Repudiation

iv. Information Disclosure

v. 3

Denial of Service (DoS) vi. 4

Elevation of Privilege

5 List one that you have been using or would like to use it. 3 In computing, DoS is an attack of cyber whereby perpetrators seek to make networks or machines

resources that are not available to their intended users by indefinitely or disrupting services temporarily (Zhang et.al, 2015). Also, when addressing and managing

threats, Denial of Service or Availability has 3 types that get targeted. These are: i. 3 Prevention of services

ii. 3 Exhaustion of human resources

iii. Exhaustion of the resources of computing

3 The Mitigation approaches or Methods to these threats are: i. 3 Services by third parties

ii. Request filtering

iii. Validating requests

3 Given that the denial of service is a single threat involved in STRIDE that could get efficiently addressed by use of “wait and see” strategy and could still not

expose systems to increased risks (Befekadu, et.al, 2017). For the reason that this aspect does not get impacted by the approach, attackers could disrupt any traffic despite of the “wait and see.” On the other hand, during this time, the method is then implemented and is somewhat easy in detecting the denial-of-service attack. When it comes to efficient use of the "wait and see" approach, the perpetrators seek to overwhelm the victim who has been targeted with huge quantities of traffic that is bogus for the victim to be preoccupied. Even so, Elevation of Privilege, Information Disclosure, Repudiation, Tampering and Spoofing could depict susceptibility

if the “wait and see” approach gets implemented. 5

functionalities are: i. Not assuming Safety

Provide an example using some of the functionalities of this application. Some of example of a Dos attack

Despite the fact that this concept sounds obvious, any worthy design has three fundamental steps, that is, planning, implementation and verification. The final stage explains where numerous security initiatives tend to fail, including network security. With the growth of an organization, networks tend to be more complex thus augmenting the chances for hackers to have access to security measures (White, et.al, 2017). ii. Harden the Network

It is clear that hackers often scan or go through networks while looking for susceptibilities. In that case, devices and services that may be neglected could get monitored and secured poorly, offering backdoors for users who are unauthorized. Thus, network hardening entails disabling or removing anything that is not needed in the reduction of the attack surface of the network.

References

White, G. B., Fisch, E. A., & Pooch, U. W. (2017). Computer system and network security. CRC press. 3

Zhang, H., Cheng, P., Shi, L., & Chen, J. (2015). 3

Optimal

denial-of-service attack scheduling with energy constraint. IEEE Transactions on Automatic Control, 60(11), 3023-3028.

Source Matches (17)

1 Student paper 86%

Student paper

SECURITY ARCHITECTURE & DESIGN 1 SECURITY ARCHITECTURE & DESIGN 2

Security Architecture and Design

Original source

Security Architecture and Design Security Architecture and Design Security Architecture and Design

3 Student paper 98%

Student paper

In computing, DoS is an attack of cyber whereby perpetrators seek to make networks or machines resources that are not available to their intended users by indefinitely or disrupting services temporarily (Zhang et.al, 2015). Also, when addressing and managing threats, Denial of Service or Availability has 3 types that get targeted.

Original source

Elevation of Privilege In computing, DoS is an attack of cyber whereby perpetrators seek to make networks or machines resources that are not available to their intended users by indefinitely or disrupting services temporarily (Zhang et.al, 2015) Also, when addressing and managing threats, Denial of Service or Availability has 3 types that get targeted

1 Student paper 100%

Student paper

Security Architecture and Design

Original source

Security Architecture and Design

3 Student paper 85%

Student paper

Exhaustion of human resources

Original source

Exhaustion of human resources iii

3 Student paper 100%

Student paper

Stride is a model of security threat that has been built by Microsoft and categorizes the security threats that get associated with one’s computer (Abomhara et.al, 2015). STRIDE is normally comprised of diverse threat categories.

Original source

Stride is a model of security threat that has been built by Microsoft and categorizes the security threats that get associated with one’s computer (Abomhara et.al, 2015) STRIDE is normally comprised of diverse threat categories

3 Student paper 77%

Student paper

The Mitigation approaches or Methods to these threats are:

Original source

Exhaustion of the resources of computing The Mitigation approaches or Methods to these threats are

3 Student paper 100%

Student paper

Denial of Service (DoS) vi.

Original source

Denial of Service (DoS) vi

3 Student paper 86%

Student paper

Services by third parties

Original source

Services by third parties ii

4 onepoint 100%

Student paper

Elevation of Privilege

Original source

ELEVATION OF PRIVILEGE

3 Student paper 99%

Student paper

Given that the denial of service is a single threat involved in STRIDE that could get efficiently addressed by use of “wait and see” strategy and could still not expose systems to increased risks (Befekadu, et.al, 2017). For the reason that this aspect does not get impacted by the approach, attackers could disrupt any traffic despite of the “wait and see.” On the other hand, during this time, the method is then implemented and is somewhat easy in detecting the denial- of-service attack. When it comes to efficient use of the "wait and see" approach, the perpetrators seek to overwhelm the victim who has been targeted with huge quantities of traffic that is bogus for the victim to be preoccupied.

Original source

Validating requests Given that the denial of service is a single threat involved in STRIDE that could get efficiently addressed by use of “wait and see” strategy and could still not expose systems to increased risks (Befekadu, et.al, 2017) for the reason that this aspect does not get impacted by the approach, attackers could disrupt any traffic despite of the “wait and see.” On the other hand, during this time, the method is then implemented and is somewhat easy in detecting the denial- of-service attack When it comes to efficient use of the "wait and see" approach, the perpetrators seek to overwhelm the victim who has been targeted with huge quantities of traffic that is bogus for the victim to be preoccupied

5 Student paper 100%

Student paper

List one that you have been using or would like to use it.

Original source

List one that you have been using or would like to use it

2 Student paper 100%

Student paper

Explain different types of Threat Modeling Tools

Original source

Explain different types of Threat Modeling Tools

3 Student paper 81%

Student paper

Prevention of services

Original source

Prevention of services ii

3 Student paper 100%

Student paper

Optimal denial-of-service attack scheduling with energy constraint. IEEE Transactions on Automatic Control, 60(11), 3023-3028.

Original source

Optimal denial-of-service attack scheduling with energy constraint IEEE Transactions on Automatic Control, 60(11), 3023-3028

5 Student paper 100%

Student paper

Provide an example using some of the functionalities of this application.

Original source

Provide an example using some of the functionalities of this application

3 Student paper 100%

Student paper

Even so, Elevation of Privilege, Information Disclosure, Repudiation, Tampering and Spoofing could depict susceptibility if the “wait and see” approach gets implemented.

Original source

Even so, Elevation of Privilege, Information Disclosure, Repudiation, Tampering and Spoofing could depict susceptibility if the “wait and see” approach gets implemented

3 Student paper 100%

Student paper

Zhang, H., Cheng, P., Shi, L., & Chen, J.

Original source

Zhang, H., Cheng, P., Shi, L., & Chen, J