Remote configuration management can be used for configuration, diagnosing problems/troubleshooting, asset discovery, patch management and monitoring, which helps maintain the security posture of the network.

An undocumented device was recently found on the company network. Using SOTI MobiControl, we will remotely lock the device out of the network. SOTI offers full remote control of a device, which will allow us to take several actions, such as shutting it down, locking it down, or simply removing it from the network. After removing the device, a network scan will be performed to verify that the device is indeed removed.
Incident Response

Employee Misconduct

An employee has recorded logins during unofficial duty hours using an ad hoc wireless network. An ad hoc wireless network, also known as a peer network, consists of computer-to-computer connected devices called nodes. These devices connect to one another without a central device like a router. This configuration is useful for sharing files or other data directly with another computer. Hackers can generally find a device and easily connect to it if they are within range of 100 meters. This allows a hacker to easily transfer data from the device.

Since ad hoc networks don't communicate with an access point, they can be detected by checking the frame data. If neither the FromDS nor the ToDS bit of the 802.11 header is set, then the frame is part of an ad hoc network.

Ad hoc networks are vulnerable to two different types of attacks: active and passive. Some active attacks include black hole, Byzantine, wormhole, spoofing, and Sybil. In a black hole attack, the attacker injects false replies to the requestor. These can be made to divert network traffic for eavesdropping, or to attract all traffic in order to perform a denial of service attack by dropping the received packets. Passive attacks include denial of service, distributed denial of service, and IP spoofing. In a denial of service (DoS) attack, an attacker attempts to prevent legitimate users from accessing information or services. A DoS attack clogs up memory and resources on the target system so that it cannot serve its users.

To secure our network, ad hoc network connections will be disabled, and users will need to authenticate to gain access to the network. Firewalls and routers will be implemented that detect and prevent the attacks mentioned above.
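The FromDS/ToDS check described above, as an added example that is not part of the original document: it parses the Frame Control field of raw 802.11 headers and flags only data frames with both bits clear, because management and control frames normally carry the same 0/0 value. The MAC addresses, sample frames and function names are constructed for illustration.

```python
FRAME_TYPES = {0: "management", 1: "control", 2: "data"}

def mac(b: bytes) -> str:
    return ":".join(f"{x:02x}" for x in b)

def classify_frame(frame: bytes) -> dict:
    """Parse one 802.11 MAC header (radiotap header already stripped)."""
    if len(frame) < 24:
        raise ValueError("shorter than a 3-address 802.11 header")
    ftype = (frame[0] >> 2) & 0x3          # Frame Control bits 2-3
    to_ds, from_ds = bool(frame[1] & 0x01), bool(frame[1] & 0x02)
    # Management/control frames normally carry 0/0 too, so require a data frame.
    candidate = ftype == 2 and not to_ds and not from_ds
    return {
        "type": FRAME_TYPES.get(ftype, "other"),
        "to_ds": to_ds,
        "from_ds": from_ds,
        "adhoc_candidate": candidate,
        # Address 2 is the transmitter; with both bits clear Address 3 is the BSSID.
        "transmitter": mac(frame[10:16]),
        "bssid": mac(frame[16:22]) if candidate else None,
    }

def find_adhoc_talkers(frames) -> list:
    """Return sorted, de-duplicated (transmitter, bssid) pairs to investigate."""
    hits = set()
    for frame in frames:
        if len(frame) < 24:                # short control frame or truncated capture
            continue
        info = classify_frame(frame)
        if info["adhoc_candidate"]:
            hits.add((info["transmitter"], info["bssid"]))
    return sorted(hits)

def build_header(fc0, fc1, a1, a2, a3) -> bytes:  # FC, duration, 3 addresses, seq ctl
    return bytes([fc0, fc1, 0, 0]) + a1 + a2 + a3 + b"\x00\x00"

AP, STA, PEER_A, PEER_B, IBSS = (bytes.fromhex(h) for h in (
    "020000000001", "020000000002", "02000000000a", "02000000000b", "021122334455"))
SAMPLE_FRAMES = [                                     # constructed, not captured traffic
    build_header(0x08, 0x01, AP, STA, PEER_B),        # data, station to AP (ToDS=1)
    build_header(0x08, 0x02, STA, AP, PEER_B),        # data, AP to station (FromDS=1)
    build_header(0x08, 0x00, PEER_B, PEER_A, IBSS),   # data, peer to peer (0/0)
    build_header(0x80, 0x00, b"\xff" * 6, AP, AP),    # beacon: management, also 0/0
    b"\x08\x00",                                      # truncated frame
]

if __name__ == "__main__":
    print(find_adhoc_talkers(SAMPLE_FRAMES))
```

A hit is a lead for review rather than proof of an ad hoc network, so correlate the reported transmitter address with the asset inventory before acting on it.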
Self-configuring dynamic networks automate configuration management. The goal of self-configuring networks is to create programmable configuration changes based on organizational configuration policies. Our networks are configured and maintained by skilled administrators. Automation will increase configuration efficiency and productivity and minimize errors and costs. However, some problems can arise when automating tasks.