Running head: WK2: ANTIVIRUS AND NMAP SCANS
Week 2 – AntiVirus and NMAP Scans
CYB/205: Infrastructure Administration
• Most network breaches go undetected for weeks or even months, and an attacker usually takes steps to go undetected. With that in mind, write a short paragraph describing how the DEFAULT Windows® firewall and security settings might contribute to this inability to detect an attacker probing from inside your network.
o The basic goal is to overwhelm a defender’s resources and cause a shutdown or prolonged inability to deliver services. One category of attack—protocol attacks—is designed to drain firewall and load balancer resources to keep them from processing legitimate traffic. While firewalls can mitigate some types of attacks, they can still be overloaded by protocol attacks. There is no easy fix for attacks, as there are numerous attack strategies that can leverage different weaknesses in your company’s network architecture.
• Describe the complication in the AntiVirus and NMAP scan process for a large Enterprise network with over 1000 computers as opposed to a small 3 computer network?
o Enterprise breaches are usually the result of a very targeted attack. Hackers sit for days trying to enumerate whatever information they can regarding the employees of the organization they are targeting: their likes, dislikes, habits, sites they visit a lot, work hours, laptop operating system and, most importantly, their work and personal email addresses. The more computers associated with a network, the more chances an attacker has of gaining access to that network.
• Consider a cloud-hosted Infrastructure as a Service (IaaS) environment with many new, internet-accessible systems regularly being built and brought online. Describe the challenges in preventing attacks in this environment?
o Cloud computing provides a scalable online environment that makes it possible to handle an increased volume of work without impacting system performance. Cloud computing also offers significant computing capability and economy of scale that might not otherwise be affordable, particularly for small and medium-sized organizations, without the IT infrastructure investment. Cloud computing advantages include: Organizations can provide unique services using large-scale computing resources from cloud service providers, and then nimbly add or remove IT capacity to meet peak and fluctuating service demands while only paying for actual capacity used. Organizations can rent added server space for a few hours at a time rather than maintain proprietary servers without worrying about upgrading their resources whenever a new application version is available. They also have the flexibility to host their virtual IT infrastructure in locations offering the lowest cost. No hardware or software installation or maintenance. Optimized IT infrastructure provides quick access to needed computing services.
• Finally, conclude this week's assignment with a page explaining how the same types of tools demonstrated in this lab or discovered in your research might be used by an infrastructure administrator to help secure an environment.
o Network infrastructure devices are often easy targets for attackers. Once installed, many network devices are not maintained at the same security level as general-purpose desktops and servers. The following factors can also contribute to the vulnerability of network devices: Few network devices—especially small office/home office and residential-class routers—run antivirus, integrity-maintenance, and other security tools that help protect general-purpose hosts. Manufacturers build and distribute these network devices with exploitable services, which are enabled for ease of installation, operation, and maintenance. Owners and operators of network devices often do not change vendor default settings, harden them for operations, or perform regular patching. Internet service providers may not replace equipment on a customer’s property once the equipment is no longer supported by the manufacturer or vendor. Owners and operators often overlook network devices when they investigate, look for intruders, and restore general-purpose hosts after cyber intrusions.