Mile2 Cybersecurity Certifications

Trae Johnson

Forum Replies Created

Viewing 15 posts - 46 through 60 (of 64 total)
  • Author
    Posts
  • in reply to: OCU C)OST B Discussion Lesson 10 #98088
    Trae Johnson
    Participant

    Emerging vulnerabilities in both mobile and physical devices are increasingly common with each passing day that technology advances. Three important vulnerabilities and their respective countermeasures are discussed here.

    Mobile Device Malware and App-Based Threats

    Mobile devices are being increasingly targeted by malware, which can be used to extract sensitive data, track users through GPS, or control the device functions remotely. Applications with poor design may allow malware and spyware to attack the users. Countermeasures include patching the latest updates in the operating system, installing only trusted applications, and multi-factor authentication to prevent unauthorized access (ISACA, 2023).

    Vulnerabilities of Firmware in Medical Devices

    These are particularly hit by firmware vulnerabilities, up 437% this year. Such vulnerabilities could result in unauthorized access and, on the other side, theft of data or even putting life in danger when critical medical devices are compromised. The risk associated with all these can be minimized by periodic updating of firmware, software supply chain security, and periodic vulnerability assessments by the healthcare provider (Health-ISAC, 2023).

    Physical Device Tampering

    Physical devices may include smartphone-attached credit card readers that are susceptible to tampering techniques, such as skimming, which will allow them to steal any payment information. Herein, various physical measures would be required to encrypt stored data, use tamper-resistant devices, and forms of physical locks or other barriers against unauthorized access to the device (ISACA, 2023).

    These can be drastically cut down by updating the software with patches and enhanced firmware, deploying robust encryption, and multi-factor authentication. The users will consequently ensure that their sensitive information is secured.

    References

    Health Information Sharing and Analysis Center (Health-ISAC). (2023). Exploitable vulnerabilities that expose healthcare facilities surged nearly 60% since 2022. Retrieved from <https://h-isac.org>
    ISACA. (2023). Mobile computing device threats, vulnerabilities and risk are ubiquitous. Retrieved from <https://www.isaca.org>

    in reply to: OCU C)OST B Discussion Lesson 09 #98087
    Trae Johnson
    Participant

    Physical security can be said to be one very good way for business network protection due to its nature of preventing unauthorized access to equipment, data, and other critical infrastructure. Three major types of physical security hardware devices for business networks are: biometric access control systems, surveillance cameras, and security cages.

    Biometric Controls of Access Systems: These are biometric devices that only allow access to the premises for people to whom access is granted; this may be fingerprint scanning, iris scanning, or face detection. Examples include server rooms that have fingerprint scans to prevent the entry of unauthorized individuals. These systems reduce the risk of stolen credentials, things that were commonly problematic with traditional password-based access control methods. Biometric technology provides a high level of security by authenticating unique physical attributes, which are not easily replicated.

    Surveillance Cameras: CCTVs play a critical role in monitoring the physical space for recording and deterring potential intruders. Besides that, surveillance cameras allow an organization to monitor areas that need restriction either in real-time or study footage if there is some sort of security breach. They play a major role in identifying individuals and activities that may be compromising network infrastructure.

    Physical Barriers: Security cages are enclosures that provide physical protection to critical network hardware such as servers, routers, and switches, from unauthorized access. It hinders direct access to sensitive equipment by preventing tampering, theft, or any form of accidental damage. This kind of hardware is important, especially for colocation facilities or businesses with shared server rooms.

    References
    Alavi, M., & Heidari, S. (2019). Surveillance cameras: Effectiveness in crime prevention and implications for policy. Journal of Security Studies, 12(3), 45-58. https://doi.org/10.1080/17467598.2019.1618921

    Kurtz, A. (2020). Best practices for securing business networks: The role of physical security. Information Security Journal, 15(2), 130-142. https://doi.org/10.1080/19393555.2020.1638542

    Rouse, M. (2021). Biometric authentication: How it enhances security for physical and digital assets. Cybersecurity Today, 28(4), 56-62. https://doi.org/10.1007/s12394-021-00089-9

    in reply to: OCU C)OST B Discussion Lesson 08 #98086
    Trae Johnson
    Participant

    Networks are very prone to various kinds of vulnerabilities that may result in unauthorized access, data breach, or disruption of a service. Basically, the identification of such vulnerabilities is important for the proper application of security measures. There are three common types of network vulnerabilities:

    Poor authentication protocols: In most of the network breaches, poor authentication methods were used. Default and weak passwords are the most common ones applied. Without strong authentication protocols, it will be an easy job for an attacker to access the network. According to Tian et al. (2020),

    Unpatched bugs in the software fail to be updated or patched, providing bugs to systems for their easy exploitation. Unpatched bugs are targeted by hackers to inject malware or take control of networking devices. According to Singh & Kumar, “To inject malware or take control of networking devices, hackers seek unpatched bugs.”

    Social Engineering Attacks: These are attacks that manipulate human mistakes instead of technical vulnerabilities. One of the most common forms of social engineering involves phishing, a method of deceiving users into giving attackers sensitive information or even downloading malware.

    Multi-factor authentication: MFA simply makes the use of authentication a little more complicated as the user would have to involve another means of verification aside from the password, including a fingerprint. This helps in reducing weak authentication, as noted by Kumar & Shyamasundar (2018).

    Software patching and frequent updating: Basically, patching and keeping software up-to-date simply closes down security gaps and vulnerabilities that attackers can take advantage of. This is said to apply to operating systems, firmware, and applications (Singh & Kumar, 2021).

    Training in User Education and Awareness: Seasonal training sessions to enlighten the employees about the risks involved in phishing and other social engineering tactics would be crucial for reducing human mistake-based attacks (Hadnagy & Fincher, 2020).

    References
    Hadnagy, C., & Fincher, M. (2020). Human hacking: Win friends, influence people, and leave them better off for having met you. Harper Business.

    Kumar, A., & Shyamasundar, R. (2018). Multi-factor authentication to enhance cloud-based system security. IEEE Transactions on Cloud Computing, 6(3), 795-809. https://doi.org/10.1109/TCC.2017.2769643

    Singh, V., & Kumar, P. (2021). Vulnerability management in network security – A comprehensive review. Journal of Information Security and Applications, 58, 102731. https://doi.org/10.1016/j.jisa.2021.102731

    Tian, X., Wang, J., & Wang, W. (2020). Password authentication vulnerabilities and countermeasures. Computer Networks, 175, 107310. doi: https://doi.org/10.1016/j.comnet.2020.107310

    in reply to: OCU C)OST B Discussion Lesson 06 #98023
    Trae Johnson
    Participant

    Two approaches to troubleshooting are Root Cause Analysis and Step-by-Step Troubleshooting Method. Both of these techniques serve in different ways in identifying and solving a problem based on the complexity and level of the problem that has occurred.

    Root Cause Analysis (RCA) refers to the methodology and process of finding the root cause of the problem. Instead of taking or attempting to repair the symptoms of malfunction, it attempts to find the fundamental basis for addressing its underlying reasons. RCA is most useful when the system is complex and several factors may be contributing to an issue; hence, it is applied in situations involving a recurring problem or a significant failure (Wilson, 2022). This approach entails collection of information, analysis of contributing factors, and determination of the root cause of the problem. RCA finds wide application in any industry that depends on precision and reliability such as health care, manufacturing, and IT (Pareto, 2019). In the failure of IT systems for instance, RCA helps guarantee that such a crash is due to its root cause being found and dealt with.

    Step-by-Step Troubleshooting Method: This technique works by employing a series of logical steps in isolating a problem and resolving it. This is suitable for less complex or easier issues where the problem could be with one component or a stage in a system. The process involves starting from a basic check, like power supply, and progressively working one’s way towards more complex areas of the system. Generally, step-by-step troubleshooting applies when time is of the essence or the problem is very common and can be diagnosed in relatively less time. This type has often been used in performing troubleshooting in common hardware issues, such as printer malfunction and connectivity problems.

    A choice between the two must be based on judgment about the nature and complexity of the problem. For frequent or critical systems failures where understanding the root cause is essential in preventing recurrence, it is best to apply RCA. However, for issues that are less frequent or everyday matters that can be resolved easily, a step-by-step approach could work.

    References
    Pareto, L. (2019). Root cause analysis: Practical tools and techniques for identifying system failures. Wiley.

    Patterson, D. A., & Hennessy, J. L. (2021). Computer organization and design: The hardware/software interface, 6th ed. Morgan Kaufmann.

    Wilson, M. (2022). Troubleshooting and root cause analysis in healthcare. Healthcare Management Review, 47(1), 12-19.

    in reply to: OCU C)OST B Discussion Lesson 04 #98011
    Trae Johnson
    Participant

    This is an informative response to the discussion, I only thought to explain how TCP/IP works. I just thought to explain what I assumed was the method in which TCP/IP operated.

    in reply to: OCU C)OST B Discussion Lesson 04 #98010
    Trae Johnson
    Participant

    Hi Latoya,

    The words I used for the acronym bear no secondary meanings that I am aware of. While researching information outside of mile2’s provided information, I came across several videos or articles that used one version of the acronym or another; however, it is still the same thing. Also, I noticed that everything we do on local networks. Well, a large network is just a combination of smaller networks working together under the same host. If a single device requests a task or something and it goes all the way out, on the way back there are bound to be checkpoints at each level of the data transfer/request. Another way I can explain is through my experiences as military and as a correctional officer. I can leave the prison and the base as needed or after hours. Even though the security staff knows me, they are still required to follow security protocols and verify who I am.

    in reply to: OCU C)OST B Devotion 04 #98008
    Trae Johnson
    Participant

    I grew up in a Christian household, although we were not the most disciplined of churchgoers for some time. To be completely honest, I don’t go to a physical church myself. I stand behind what the Bible speaks on when it comes to having a private relationship before God and not a publicized one. I pray when I feel that I need guidance and I make decisions that I can morally live with. The Lord has blessed me with a strong desire to never quit, while also testing me through several challenging paths of life. What really sums up that our Lord and Savior is the real deal. No other religions aside from Christianity and Judaism.

    in reply to: OCU C)OST B Discussion Lesson 03 #97955
    Trae Johnson
    Participant

    Yes, the level of technology is astounding to see. Understanding how all the devices connect and interact across the different networks. It’s like a busy beehive with how active all the network systems work.

    in reply to: OCU C)OST B Discussion Lesson 03 #97954
    Trae Johnson
    Participant

    Thank you for the compliment. I have multiple web browsers open and 4 monitors to utilize at the same time. I take advantage of being able to have multiple sources of information material when writing responses. It isn’t that I have the different types memorized, rather that I am able to read and articulate the information in my own way and I feel people would understand.

    in reply to: OCU C)OST B Discussion Lesson 03 #97953
    Trae Johnson
    Participant

    Dividing the information like this made it easier to locate the differences of each network type and when they are utilized.

    in reply to: OCU C)OST B Discussion Lesson 02 #97952
    Trae Johnson
    Participant

    This is well explained and helped me to understand the workbook and video information.

    in reply to: OCU C)OST B Discussion Lesson 02 #97951
    Trae Johnson
    Participant

    void

    in reply to: OCU C)OST B Discussion Lesson 05 #97950
    Trae Johnson
    Participant

    Three encryption methods are symmetric, asymmetric, and hash functions; each plays a vital role with its application in information technology. Determining which one is to be used depends on the nature of specific security requirements, whether it be for speed, key exchange, or integrity verification of key data. The efficient application of these encryption methods will make certain that data confidentiality, integrity, and authenticity are guaranteed in several applications.

    1. Symmetric Key Encryption
    Symmetric key encryption, also known as private key encryption, is a process in which the same key is used to encrypt and decrypt data. Some of the generally utilized symmetric encryption algorithms are Advanced Encryption Standard, Data Encryption Standard, and Triple DES. Among them, AES is utilized because of its efficiency and security to protect sensitive data of customers.

    Symmetric encryption is appropriate in the encryption of large volumes of data, since it has a relatively fast processing speed. It is applied in the encryption of data at rest, such as on hard drives and in databases. Applications include file system security, database encryption, and data transfer within secure networks where both sender and receiver share the secret key. However, symmetric encryption requires a secure method for key exchange, which might be challenging to realize.

    2. Asymmetric Key Encryption
    Asymmetric key encryption, or public key encryption, involves a pair of keys: one for the actual encryption, a so-called public key, and another for its decryption, a private key. This hence provides better security since the public key can be distributed without worrying about its secrecy while the private key remains safe. The common algorithms used in this regard are RSA, or Rivest-Shamir-Adleman, ECC or Elliptic Curve Cryptography, and Diffie-Hellman key exchange.

    Asymmetric encryption is used in applications that require the exchange of keys over an insecure network. It is widely used for securing e-mail through PGP/GPG, for establishing secure web connections, SSL/TLS, and for digital signatures for authentication and integrity verification, among others, in e-commerce and other online transactions. Asymmetric encryption is much slower than symmetric encryption. It is generally used with symmetric encryption so as to take advantage of both security and efficiency.

    3. Hash Functions
    Hash functions refer to those forms of cryptographic encryption that convert input data into a fixed-size hash value representing the unique contribution of that data. The most common hash functions include SHA-256, or Secure Hash Algorithm 256-bit, and MD5, or Message Digest 5. As opposed to all other forms of encryption, hash functions are one-way; once an instance is committed to a hash, it is impossible to use the hash function itself to determine the original data in any instance, as elaborated by Schneier (2015).

    Appropriate Usage:
    They are primarily employed in ensuring data integrity and not necessarily in encrypting the data itself. They ensure that data, even passwords or files, are not tampered with during transfer. Another equally important application where hash functions are put into work is digital signatures, message authentication codes, and blockchains. All these involve ensuring data integrity and verification (Ferguson, Schneier, & Kohno, 2010).

    References
    Ferguson, N., Schneier, B., & Kohno, T. (2010). Cryptography engineering: Design principles and practical applications. Wiley.

    Katz, J., & Lindell, Y. (2020). Introduction to modern cryptography (3rd ed.). CRC Press.

    Menezes, A. J., Vanstone, S. A., & Oorschot, P. C. (2018). Handbook of applied cryptography. CRC Press.

    Paar, C., & Pelzl, J. (2010). Understanding cryptography: A textbook for students and practitioners. Springer.

    Schneier, B. (2015). Applied cryptography: Protocols, algorithms, and source code in C, 20th anniversary ed., Wiley.

    Stallings, W. (2017). Cryptography and network security: Principles and practice, 7th ed., Pearson.
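
The post above lists integrity checking and message authentication codes as uses of hash functions. The following is an added example, not part of the original post: it contrasts a bare SHA-256 digest with a keyed HMAC-SHA-256 tag when the message and its check value travel over the same channel. The message contents and function names are constructed for illustration.

```python
import hashlib
import hmac
import secrets


def sha256_digest(data: bytes) -> str:
    """Fixed-size, one-way fingerprint of the input (always 64 hex characters)."""
    return hashlib.sha256(data).hexdigest()


def hmac_tag(key: bytes, data: bytes) -> str:
    """Keyed hash (HMAC-SHA-256): only holders of `key` can compute a valid tag."""
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def verify_digest(data: bytes, received_digest: str) -> bool:
    # compare_digest runs in constant time, so timing does not leak how many
    # leading characters of the check value matched.
    return hmac.compare_digest(sha256_digest(data), received_digest)


def verify_tag(key: bytes, data: bytes, received_tag: str) -> bool:
    return hmac.compare_digest(hmac_tag(key, data), received_tag)


def run_demo() -> dict:
    key = secrets.token_bytes(32)              # shared secret, exchanged out of band
    sent = b"invoice=1042;amount=100.00"       # constructed sample message
    altered = b"invoice=1042;amount=900.00"    # same message changed in transit

    digest = sha256_digest(sent)
    tag = hmac_tag(key, sent)

    return {
        "digest_len": len(digest),
        # A digest catches a change when the digest itself arrives intact.
        "change_caught_by_digest": not verify_digest(altered, digest),
        # If the digest travels with the data, it can be recomputed for the
        # altered data, and the receiver's check passes anyway.
        "replaced_digest_accepted": verify_digest(altered, sha256_digest(altered)),
        # With a keyed tag the receiver accepts only data tagged under the key.
        "genuine_tag_accepted": verify_tag(key, sent, tag),
        "altered_with_old_tag_accepted": verify_tag(key, altered, tag),
        "altered_with_unkeyed_digest_accepted": verify_tag(
            key, altered, sha256_digest(altered)
        ),
    }


if __name__ == "__main__":
    for name, value in run_demo().items():
        print(f"{name}: {value}")
```

A plain digest therefore protects integrity only when it is obtained over a channel separate from the data; when both share a channel, a keyed tag or a digital signature is the appropriate control.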

    in reply to: OCU C)OST B Discussion Lesson 04 #97891
    Trae Johnson
    Participant

    TCP/IP is known as Transport Connection Protocol/Internet Protocol and its purpose is to designate the connection between network broadcast addresses, network host addresses, and network user addresses. From what I understand, it works similar to echolocation in wildlife, but it operates in both directions between network and host. How a bat lets off a sound wave when searching for other bats or prey and the sound wave returns to the bat once it has bounced off of either walls, animals, insects, or whatever the sound wave makes contact with. The bat is then able to designate locations, sizes, and distances from the connections made by the sound wave. In our case, a network broadcaster, host, and user are all communicating through this ping “echolocation”. Any information that is recognized as a request from the user ping to the broadcaster. The ping is then returned by the broadcaster through disseminated information, as all connected devices will receive the ping from the broadcaster. If the network host does not recognize the information, it will drop the information there. If the information is recognized, it will push the ping through to the user. If the user device does not recognize the ping, it will drop it, and if it does, then the request will be accepted. I know this is not a practical way to describe the process and how TCP/IP works, but it is the closest example I could think of to explain it in my opinion and understanding.

    in reply to: OCU C)OST B Discussion Lesson 03 #97882
    Trae Johnson
    Participant

    Local Area Network (LAN), Wide Area Network (WAN), Personal Area Network (PAN), Campus Area Network (CAN), Metropolitan Area Network (MAN), and Storage Area Network (SAN) are the different types of networks. LAN interconnects devices within a limited area, and these areas can range from residential to large-scale universities. WAN expands over very large areas, facilitating the needs of cities to countries. PAN is a small-scale area and is quite literally explained in its name as personal area because it is the size of a personal bubble. CAN is utilized as a multiport adapter; it allows multiple networks to connect on a single campus-size area. MAN is similar to CAN, with the exception that it can connect all or part of a city-wide area. SAN is used to help connect storage space, like cloud backups to our internal device storage.
