This process uses a security in dept approach

This preview shows page 7 - 9 out of 10 pages.

This process uses a security in dept approach utilizing layers or multiple security systems for authorization. The first step would be gaining access to a PC, this would only be authorized by a CareFirst employee or contractor of the company. By giving each employee their own personal password and not using a general password that anyone can use, this will allow for security personnel to track who accessed certain information or made changes. The last part will be to utilize the Jump server and token system to access data, this will be controlled by the security team.
Image of page 7

Subscribe to view the full document.

INFORMATION SYSTEMS AND IDENTITY MANAGEMENT 8 Password Cracking Tools Everyday new cyber-attacks or zero day exploits are developed, so even the most up to date software can still be venerable to attacks. Looking at the two password cracking tools that were used in the lab, Ophcrack and Cain and Abel. These two tool are very different but their goals are the same, to gain access to passwords by using software algorithms or attempting to try all known combinations to gain access, the tools have the abilities for hackers to change the length of the password and even add in options to use upper case and numbers. The more complicated a password is the harder it will be for the tool the crack it. The cornerstone of cybersecurity is password cracking. Over the last few years password hacking software has evolved tremendously. When an attacker is planning on using hacking software it is going to come down to two questions. How much computer processing power does the hacker have for the attack, and secondly what types of systems are in place that will be preventing the password attacks. Typically, password hacking involves a hacker attempting millions of different variations to gain access to a websites login page or the hacker attempting to brute force their way into the system. It will all come down to the power of the hackers machine, the faster the machine is the faster the cracking power will be (Courses, 2018). Therefore, password cracking tool should be used to test the company’s website and also the employee’s password efficiency. Two cracking tools were considered Ophcrack and Cain and Abel. Ophcrack is a rainbow-table based password cracker. This tool can import hashes from different formats included dumping directly from the SAM files of Windows. It works on Linux, windows and MAC (Courses, 2018) . Cain and Abel is a password recovery tool for Microsoft Windows . It can recover many kinds of passwords using methods such as network packet
Image of page 8
INFORMATION SYSTEMS AND IDENTITY MANAGEMENT 9 sniffing, cracking various password hashes by using methods such as dictionary attacks, brute force and cryptanalysis attacks. During the testing the two password cracking tools were tested, after the testing it was determined that Ophcrack is the fastest when attempting to crack a password over Cain and Abel, Ophcrack also works on more operating systems. On the other hand, Cain and Abel is able to crack into different password configuration, this makes it more efficient.
Image of page 9
You've reached the end of this preview.

{[ snackBarMessage ]}

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern