Isabelle Tubbs
Forum Replies Created
-
Posts
-
Hello, Carlos! The mobile and physical vulnerabilities you mentioned are quite interesting. Your example with hardware backdoors in devices really shows the importance of buying from trusted vendors and viewing the behavior of devices. The USB attack you mentioned can be especially dangerous when the device automatically opens the USB that is plugged in. That is why sometimes this automation should be turned off, especially when many people will have access to the device. Great work this course.
Hello, Caleb! Great summary of the SOHO features. I like how you focused on why each feature is helpful for security or practicality. Although I did not mention Network Address Translation in my post, I agree that its addition to security make it an important feature. SOHO routers are great for sustaining a network in a somewhat small area.
A SOHO (small office home office) router is similar to a standard router, but it gives more network control because of its greater number of functions. Most use private IP ranges and give access control features, and it is essentially a network node.
Because a SOHO router is such an important device, it contains many different parts and features. In itself, it should have memory, a CPU, an OS, and storage like most computers have. Typically, it also contains a switch, DHCP server, and firewall. A network switch “is responsible for filtering and forwarding the packets between LAN segments based on MAC address” (GeeksforGeeks, 2024). A DHCP server assigns IP addresses and additional settings, and a firewall controls the network traffic, making sure no unauthorized things come to the software.
There are different situations that call for different structures of SOHO routers, so there are some additional features. There could be static IP assignment instead of a DHCP server, or it could contain a wireless access point (WAP), VPN concentrator, or broadband modem.
References
GeeksforGeeks. (2024, August 13). What is a Network Switch and How Does it Work? https://www.geeksforgeeks.org/what-is-a-network-switch-and-how-does-it-work/Assessing the vulnerabilities of mobile and physical devices and can be helpful for coming up with ways to prevent attacks that exploit those vulnerabilities.
One vulnerability involves the type of network used on a mobile or physical device. If someone is connected to a public network or is simply sharing information insecurely, that leaves the device vulnerable to attacks. To prevent this, it can be helpful to use virtual private networks and encrypted messaging so that the messages cannot be intercepted (Cyserch, n.d.). Users, who may not know about these options or vulnerabilities, should be informed on how they can use their devices more securely.
A vulnerability that can easily come up on mobile devices involves configuring app permissions (Cyserch, n.d.). When someone downloads an app, the app typically sends some pop-ups asking for certain permissions. It can be easy to just say yes to all of them, but this is not safe. Some permissions must be enabled to use the app. For example, it makes sense that the camera app needs permission to take photos and videos and access photo and video files. However, if a new weather app or gaming app is asking for it, this should probably be denied. As a result, users should be informed that they should check their app permissions regularly to make sure they are only enabling the permissions that are absolutely necessary (Cyserch, n.d.).
Finally, the physical theft of someone’s device is a big device threat (Cyserch, n.d.). Naturally, physical measures should be in place so that devices are not stolen, but if those fail, there should be other measures in place. For example, encrypting the data on a device, placing strong authentication measures, and enabling remote wipes on a device can prevent someone from being able to steal the information even if they have the device with them (Cyserch, n.d.).
There are many potential vulnerabilities to devices that should be acknowledged, but there are also many ways to protect information. There is not one method that can make everything secure, but using a combination of security measures can prevent a lot of attacks.
References
Cyserch. (n.d.). Common Vulnerabilities in Mobile: An In-Depth Guide. Retrieved May 9, 2025 from https://www.cyserch.com/blog/Common-Vulnerabilities-in-Mobile-:-An-In-Depth-GuideIt can be easy to focus on the list of scary things that as humans would be natural to fear, but this devotional calls us to remember how powerful God is. God operates on a much higher level than we can even understand. We should fear and respect Him more than any other thing. I think today there are many people who may have fear and anxiety in life, but they do not have fear and respect for God. Knowing that God is bigger, stronger, and greater than anything else is a great comfort and reduces some of the other fears. Having God’s love and presence in our lives helps us focus on Him. It is far better to focus on God than to focus on anything else. He promises to be with us, so spending time with Him and meditating on His Word brings us peace, love, and joy as He renews our minds.
Businesses today need physical security hardware devices to maintain security and safety of data and information. Three tools include intrusion detection systems, firewalls, and multi-factor authentication.
An intrusion detection system (IDS) examines the traffic on the network and then sends out an alert if it finds any malicious activity or unauthorized access (GeeksforGeeks, 2025). This is an important system to install for businesses who need to know when any attacks or unauthorized accesses happen on the system. Likewise, having a physical detection system, like surveillance cameras and sensors, is beneficial for business locations (Avigilon, n.d.).
However, to prevent attacks in the first place, firewalls are important tools for controlling the incoming and outgoing traffic. They are used to deny access to malicious users or software while also allowing known objects in. Although an intrusion detection system is helpful for alerting businesses of attacks, it is also good to have systems in place that prevent such things.
Another method for security is the way authorized users are authenticated for access. Previously in this course, we learned how multi-factor authentication can be more secure for authenticating users. It can use information (like a password), or an object (like access to an email), etc. Using more than one method can help businesses be more secure because it requires more than just a password to get in to access important information. This can apply to logging in online or even for accessing a secure building (Avigilon, n.d.).
References
Avigilon. (n.d.). What is physical security? Controls, methods, and measures for commercial buildings. Retrieved May 2, 2025 from https://www.avigilon.com/blog/physical-security-guide#key-physical-security-measures
GeeksforGeeks. (2025, April 28). Intrusion Detection System (IDS). https://www.geeksforgeeks.org/intrusion-detection-system-ids/Hello, Caleb! Great evaluation of some physical tools for the protection of businesses. I agree that studying this is an important aspect of security. Camera systems are a good way to send alerts of intruders and to also keep evidence of it. Key cards do have a disadvantage that they sometimes need to be fixed more often than traditional keys, but since they are not easy to copy, they do add more security.
Great evaluation of network vulnerabilities and possible solutions or controls. What I found particularly interesting was that you brought up using a different network, specifically using them on insecure public network connections. This shows the importance of educating users about their technology and network connections. Public networks may seem more convenient, but they are not the safest. Like you mentioned, encryption and VPN connections are good actions to take.
Jesus’s authority shows that He is both fully man and fully God. He has the authority to forgive sin, and one example of this is found in this week’s passage. The Pharisees condemned Jesus for saying He could forgive sins because only God can forgive sin. However, this was exactly the point. Jesus dwelled on the earth to be a perfect example for us and to be a perfect sacrifice so we could be forgiven. At the same time, He is the Son of God. His power is amazing and cannot be fully fathomed.
Others may present other religions, but the Lord has shown that He is the One with true power. He is the one true God, the King of kings, and the Lord of lords.
What is great in this week’s passage is that Jesus not only forgives the man, but He also heals him too. He sets him free spiritually from sin and physically from a disability. Jesus came to bring us true freedom.Hello, Carlos! Yes, if a hacker or a malicious software gains any type of access to a system, this is a huge threat. However, like you mentioned, keeping things up to date and implementing strong policies and protocols can reduce the level of risk. I also would like to add that educating users on safe online practices could prevent unintentional installation of malware.
Networks connect a user and their device, which contain a lot of sensitive data about the user and organization. As a result, vulnerabilities like insecure technologies and user behavior, as well as attack threats like malware, should be prevented.
Malware can come in many different forms, but it is essentially a way to spread malicious software throughout a system, which could spread to other systems as well. One way to prevent the installation of malware is to have antimalware installed so that it can detect suspicious files before installation and notify the user.
Insecure technologies could occur from older equipment and protocols. For example, using an older version of Windows could make it susceptible to forced access attacks from a rainbow table. If a more modern version of Windows was installed, it would make it more difficult for attacks to be successful. Also, updating the hardware on a device would make it stronger as well.
The behavior of users can leave a device vulnerable if they are not educated in preventing attacks and using safe techniques while online. Teaching users how to use their devices safely would prevent threats from users such as installing malware. Additionally, restricting user controls would prevent some users from being able to install malware in the first place.
Hello, Cameron! I also wrote about Storage Virtualization, and it is true that it took some time to find a con to using it. However, if a business is not willing to pay the initial cost of virtualization, then they need to decide whether or not to use it ahead of time. Although I think this would really not be an issue with large companies. Also, nice work with Desktop Virtualization. Using a third party can complicate things a bit, but your example of using it with gaming is great.
Virtualization contains many different aspects. Each of which have some advantages and disadvantages. Two virtualization components are storage virtualization and data virtualization.
Storage virtualization involves taking the amount of storage on the system to be assigned to the virtual machines, which makes the storage efficiency even greater and assures that storages changes to one VM do not affect the other VMs (GeeksforGeeks, 2025; Naik, 2024). For a company or organization, taking advantage of the amount of available storage is beneficial. However, this does make management of the virtual machines more complex, and using virtualization would be costly at first (GeeksforGeeks, 2024; GeeksforGeeks, 2025). This must be taken into account before opting to use virtual machines.
Data virtualization is taking the combined data and creating a virtual data layer that shows the data all in one place (GeeksforGeeks, 2025; Naik, 2024). Having centralized control from virtualization gives IT professionals more convenience and saves their time. However, a risk with data virtualization is that using a third party’s platform could make the data open to attacks (GeeksforGeeks, 2025; GeeksforGeeks, 2024). As a result, security measures (as with any device or group of devices) must be put in place.
References
GeeksforGeeks. (2024, June 11). Pros and Cons of Virtualization in Cloud Computing. http://www.geeksforgeeks.org/pros-and-cons-of-virtualization-in-cloud-computing/
GeeksforGeeks. (2025, April 10). Virtualization in Cloud Computing and Types. http://www.geeksforgeeks.org/virtualization-cloud-computing-types/#types-of-virtualization
Naik, R. (2024, December 11). Understanding the Types of Virtualization in Cloud Computing. Crest Infosystems. http://www.crestinfosystems.com/types-of-virtualization/Hello, James! Those are two great options for troubleshooting. Command lines are helpful tools, especially with testing network connections. Task Manager helps to essentially get real-time information with how the CPU and memory are being used. Getting information from this gives a good starting place for what actions to take next.
This week, we learned about the command line tools and options for testing a network connection. If there is an issue with a network connection, using these tools to troubleshoot the problem is important. For Windows, using ipconfig can provide information about the IP settings configured on the device. If the NetBIOS information is what is required, using nbtstat would be appropriate. Also, doing a ping, tracert, or pathping would be good tests to see what a device is currently able to connect to, like the server and other devices on the network.
If the issue is not necessarily related to a network connection, there are other troubleshooting options. The Windows Recovery Environment is a troubleshooting tool that allows the Windows device to look for and resolve any problems, particularly with startup issues. This is helpful for IT professionals because it gives them information for how to solve the issue. Another option is to boot to the Windows Pre-Installation Environment, which allows access to files and helps resolve issues as well.
