96%(143)137 out of 143 people found this document helpful
This preview shows page 9 - 11 out of 15 pages.
CCMP protects data by allowing only authenticated user to access it. WPA2 made traveling from one access point to another seamless without having to reauthenticate the user. (Wong, 2003)Although there are other protocols that we will have with the BYOD policy, the one that will be a huge debate is Bluetooth. Though it may be a useful tool for headphones or Fitbit connectivity to your cell phone it may leave additional vulnerabilities. Information loss can occurwhen allowing a cell phone, tablet, or laptop, is left in discoverable mode. It increases the risk of unauthorized people accessing sensitive information. Making sure to take the phone out of this mode and turn Bluetooth sharing off will shut down this known vulnerability. Remote Configuration ManagementRemote configuration management allows an administrator the ability to remotely configure changes through the network, without being in the same location. This is done by installing remote control software, running a remote service, or special protocols. Remote management software gives alerts the administrator when someone is trying to connect remotely.To limit activity of malicious intent the administrator assigns levels of permission to each user that has access. Hackers have been known to attack management tools to gain access to networks
Incident Response10and systems. “Microsoft's remote desktop protocol, port 3389, was maliciously used by hackers to trick users into allowing the hacker into their machines by posing as Microsoft personnel. Afterward, hackers would encrypt the user's machine, essentially locking the user out of their machine, and then demand money to unlock the device. This vulnerability was mainly exploited on older versions of Windows such as Windows XP.” Therefore, the usage of Cisco VPN software has been the primary usage the connect to any system remotely. (UMUC, 2016).There has been a recent incident reported that there was an undocumented device on the network. It’s imperative that we remove this device before it potentially compromises the network or other devices. Will first black list the mac address and promote whitelisting of all approved VPN users via active directory and the management software. To verify that the user has been removed, all active VPN connections will be scanned, using Cisco VPN management software and Wireshark. Once the device has been confirmed, our cyber security team will find out more information on the attacker and turn it over the authorities. Employee MisconductThere has been a report of an employee accessing the company through an ad-hoc wireless network. Ad-hoc wireless networks are also known as peer networks. A peer network is formed from computer to computer connected devices which are called nodes. These nodes are connected to a centralized device like a router or switch. This creates another local area network that can quickly be deployed with minimal configurations. The wireless adapter must have the same SSID, on the same channel, and set to ad-hoc mode. There are some vulnerabilities that are