Please provide answer for the below question

OriginalityReport.pdf

Home >Computer Science homework help >Please provide answer for the below question

8/2/2019 Originality Report

https://blackboard.nec.edu/webapps/mdb-sa-BB5b75a0e7334a9/originalityReport/ultra?attemptId=6e7dce18-dfe2-4c9e-9650-0b442ed4352a&course_… 1/3

%60

%11

SafeAssign Originality Report Network Security - 201931 - CRN188 - Kotaprolu • Week 12 Assignment Submission

%73Total Score: High riskKranthi Kiran Kumar Gummula Submission UUID: e1d6fc91-5420-b456-7105-da09b95d6435

Total Number of Reports

1 Highest Match

73 % WEEK12DISCUSSIONS.docx

Average Match

73 % Submitted on

08/02/19 12:26 PM EDT

Average Word Count

595 Highest: WEEK12DISCUSSIONS.docx

%73Attachment 1

Institutional database (5)

Student paper Student paper Student paper

Student paper Student paper

Internet (2)

uqu slideplayer

Global database (1)

Student paper

Top sources (3)

Excluded sources (0)

View Originality Report - Old Design

Word Count: 595 WEEK12DISCUSSIONS.docx

1 5 7

6 2

8 3

1 Student paper 5 Student paper 7 Student paper

https://blackboard.nec.edu/webapps/mdb-sa-BB5b75a0e7334a9/originalityReport?attemptId=6e7dce18-dfe2-4c9e-9650-0b442ed4352a&course_id=_44076_1&download=true&includeDeleted=true&print=true&force=true

8/2/2019 Originality Report

https://blackboard.nec.edu/webapps/mdb-sa-BB5b75a0e7334a9/originalityReport/ultra?attemptId=6e7dce18-dfe2-4c9e-9650-0b442ed4352a&course_… 2/3

Source Matches (16)

Student paper 69%

Student paper 86%

slideplayer 78%

Student paper 78%

Student paper 84%

Student paper 67%

12.1 Firewall has three goals namely; Any traffic going in the system or outside the system must pass through the firewall

Only local security authorized traffic will be allowed to pass through the firewall

Internal threats are often set aside since firewall provides alert of any possible malware alert. 12.2 Firewalls apply four techniques to control access and enforce

security policies. These techniques are; · Service control this determines the type of service allowed to access from the network · Direction control this determines the exact direction within which requests over the network are allowed to flow in the firewall. · User control controls the service in which a user is trying to access. ·

Behavior control this controls the use of particular services over the firewall.

12.3 Typical packet filtering firewall uses the following information · Source and destination IP address. · Source and destination level transport address · IP

protocol field · Interface. 12.4 Packet filtering firewall has various weaknesses some of which include: · They cannot prevent attacks that utilize application specific vulnerabilities · Their logging in functionality is limited · They are open to attacks which take advantage of problems associated with TCP/IP specification and protocol stack. · They are susceptible to security breaches caused by improper configuration

12.5 A stateful inspection firewall takes a higher layer context into consideration tightening up the rules for TCP connection a packet filter will therefore allow

incoming traffic only for those packets which fit the profile of one of the entries in this directory. A stateful inspection firewall will again review the same packet

information as packet filtering firewall but also records the information about TCP connections.

12.6 Application level gateway acts as relay of application level traffic. In this the user contacts the gateway which prompts the user for the name of the remote

host to be accessed. After getting the name the gateway contacts the application on the remote host and relays the TCP segments containing the application

data between the two endpoints.

12.7 Circuit level gateway does not allow end to end TCP connections but instead the gateway sets up two TCP connections one between itself and the inner host

and one between itself and the outside host relaying the segments without confirming or counters checking their details.

12.8 The following are the common characteristics of a bastion host · Only the services considered to be essential by the network administrator are installed in the bastion host. · Bastion host may require authentication before any user is allowed to access the proxy services. · Each proxy is configured to allow access only to

specific host systems. · Each proxy logs all traffic, each connection and its duration. · Each proxy is independent of other proxies in the bastion host and runs in a private secured directory (Thubert, Yang, Klecka III, Wetterwald, & Levy-Abegnoli 2017). 12.9. Host based firewall refers to a software designed to secure

individual host. This software is characterized with the following benefits · Individuals are able to tailor filtering rules to the host environment. · It provides protection independently from each topology · It provides an additional protection layer.

12.10 This refers to network inside the external firewall but outside the internal firewall whereby the external firewall basically provides basic protection to the

DMZ network. This type of network is found in systems such as web servers, the email application systems and the DNS servers.

12.11 External firewalls provides a measure of access control and protection for the DMZ systems while internal firewalls provide strict filtering rules in order to protect enterprise servers from external attackers

1 2

5 6

Student paper

12.1 Firewall has three goals namely;

Original source

· 12.1 List three design goals for a firewall

Student paper

Any traffic going in the system or outside the system must pass through the firewall

Original source

Any traffic going outside the system and moving into the system must pass through the firewall

Student paper

Only local security authorized traffic will be allowed to pass through the firewall

Original source

Only authorized traffic (defined by the local security policy) will be allowed to pass

Student paper

12.2 Firewalls apply four techniques to control access and enforce security policies.

Original source

· 12.2 List four techniques used by firewalls to control access and enforce a security policy

Student paper

· User control controls the service in which a user is trying to access.

Original source

User control controls which user is allowed to access the service

Student paper

12.3 Typical packet filtering firewall uses the following information · Source and destination IP address.

Original source

Typical packet filtering firewall determines the Source and destination IP address and transport-level address

8/2/2019 Originality Report

https://blackboard.nec.edu/webapps/mdb-sa-BB5b75a0e7334a9/originalityReport/ultra?attemptId=6e7dce18-dfe2-4c9e-9650-0b442ed4352a&course_… 3/3

Student paper 79%

Student paper 91%

uqu 68%

Student paper 90%

Student paper 82%

Student paper 84%

Student paper 64%

Student paper 92%

Student paper 74%

Student paper 65%

Student paper

· Source and destination level transport address · IP protocol field · Interface. 12.4 Packet filtering firewall has various weaknesses some of which include:

Original source

+ Source and destination IP address + Source and destination transport-level address + IP protocol field + Interface 12.4 What are some weaknesses of a packet filtering firewall

Student paper

· They are susceptible to security breaches caused by improper configuration

Original source

Susceptible security breaches caused by improper configuration

Student paper

12.5 A stateful inspection firewall takes a higher layer context into consideration tightening up the rules for TCP connection a packet filter will therefore allow incoming traffic only for those packets which fit the profile of one of the entries in this directory.

Original source

A stateful inspection packet filter tightens up the rules for TCP traffic by creating a directory of outbound TCP connections, and will allow incoming traffic to high- numbered ports only for those packets that fit the profile of one of the entries in this directory

Student paper

A stateful inspection firewall will again review the same packet information as packet filtering firewall but also records the information about TCP connections.

Original source

A stateful inspection firewall reviews the same packet information as a packet filtering firewall, but also records information about TCP connections

Student paper

12.6 Application level gateway acts as relay of application level traffic. In this the user contacts the gateway which prompts the user for the name of the remote host to be accessed.

Original source

12.6 Application level gateway behaves as a application level traffic relay First, the user contacts the gateway, the gateway asks name of the remote host to be accessed to the user

Student paper

After getting the name the gateway contacts the application on the remote host and relays the TCP segments containing the application data between the two endpoints.

Original source

When the user responds, the gateway then contacts the application on the remote host and relays TCP segments containing the application data between the two endpoints

Student paper

12.7 Circuit level gateway does not allow end to end TCP connections but instead the gateway sets up two TCP connections one between itself and the inner host and one between itself and the outside host relaying the segments without confirming or counters checking their details.

Original source

A circuit-level gateway involves sets up of two TCP connections, one between itself and an inner host and the other between itself and outside the host

Student paper

· Bastion host may require authentication before any user is allowed to access the proxy services. · Each proxy is configured to allow access only to specific host systems. · Each proxy logs all traffic, each connection and its duration. · Each proxy is independent of other proxies in the bastion host and runs in a private secured directory (Thubert, Yang, Klecka III, Wetterwald, & Levy-Abegnoli 2017).

Original source

The bastion host may require authentication before a user is allowed to access to the proxy services Each proxy is configured to allow access to only specific host systems Each proxy logs all traffic, each connection and its duration Each proxy is independent of other proxies on the bastion host and runs in a private secured directory

Student paper

Host based firewall refers to a software designed to secure individual host.

Original source

· A host-based firewall is a software module used to secure and individual host

Student paper

12.10 This refers to network inside the external firewall but outside the internal firewall whereby the external firewall basically provides basic protection to the DMZ network.

Original source

DMZ network is the network inside the external firewall, but outside the internal firewall