Incident Response Report Rafiu Atanda University of Maryland University College Advanced Cyber Exploitation & Mitigation Methodologies CST 630 Prof., SMITH CURTIS 8th May. 2018.
Wireless and BYOD Security Plan
BYOD/Wireless is a strategy that allows employees and organizations to utilize personally purchased /organization issued devices to perform …show more content…
One of the methods is by cross-referencing the Service Set Identifies (SSID?s) against an approved list of access point authorized by the security team. Any Ad Hoc access points within the vicinity of Millennium Bank Inc. are rogue access point by default because they are not managed by the organization security team.
All Millennium Bank Inc. authorized access point have Media Access Control (MAC) addresses that are broadcasted within the vicinity, and recognized by the organization Address Resolution Protocol (ARP) tables. The implementation of management controls to identify rogue access points includes policies and the use of strong encryption for WPA2 secure …show more content…
A leash is any information that is added to a packet designed to restrict the packet?s maximum allowed transmission distance. (Y.C Hug, 2003). There are two types of leashes type: geographical leashes and temporal leashes. In geographical leash, the recipient is within the distance of the sender while temporal leash ensures the packet has an upper bound to restrict the maximum travel distance.
Additionally, in an eavesdropping attack. The goal is to interfere with the signal between two nodes communicating, so the protection against it is to change the signal in some way by implementation of Frequency Hopping Spread Spectrum (FHSS) technology. The risk of signal interference is minimized by FHSS because random multi-frequency patterns are transmitted.
Self-Configuring Dynamic Networks: This is the process of automating configuration management tasks rather than using skilled administrators. It increases efficiency, productivity, reduces costs and error. The organization policies will dictate how self-configuring dynamic network will be created. There are some threats and vulnerabilities against the self-configuring dynamic network. These include inconsistent in configuration states due to dynamic configuration policies that can lead to operational failure. However, the protection will include enforcing a consistent configuration. Another threat is the change propagation problem. The protection will entail enforcing