Professional Documents
Culture Documents
Institutional affiliation
Date
COMPUTER NETWORK SECURITY 2
defines, identify classify and prioritize vulnerabilities that can be exploited in a computer system,
computer and mobile applications and network infrastructure. And use the analysis outcome in
providing the associated organization with the necessary information on risk backgrounds and
knowledge to understand the threats to it's to their computer system. While suggesting the
appropriate ways to counter the problem. Such outcomes are used to prevent attacks or
exploitation in case cybercriminals tries to exploit the vulnerabilities found in a computer system
A system or computer network layout plan or policies should put first-hand consideration
the fact that system security should be given primary concern. These layouts should provide an
essential security foundation (Baloch, 2017). By first creating a physical security feature, not
giving physical access to the computer network or system that can be used as access points for
attacks. These will be achieved by creating a system where a stranger cannot easily access all the
access points to the network system without being noticed. Also, if they manage to have slight
access, they cannot get access to a point where they are not likely to cause any harm to the
system. These ensure a primary security feature in the system. A system layout should create a
format where following security features can be put in place without experiencing any difficulty
or obstacles. Also, software development and implementation should employ some basic security
features in the system that does not make it easy to have access to the system network ( Fisch,
Computer systems can be attacked in different varied ways. These are based on the
attacker's skills and interest also attacker takes a certain form of attack can also be adopted base
on the vulnerability in a system. These forms of attacks can include trojan horse attack. There is
COMPUTER NETWORK SECURITY 3
a form of attack where malware or spyware is deployed into the system. Malware is usually
deployed in a manner that makes it look like a legitimate system application. Such that when one
is installing an application, they unknowingly install the malware file into their system. After it is
successfully installed into the system, it can be used to gain access to the system network. And,
the attacker can perform any form of manipulation or access on the system (Backers et al., 2017).
Trojan opens a backdoor in a system that can be used by an attacker to have unlimited access on
the system.
The other form of attack that can be used by cybercriminals is the deployment of a virus
into a system. These are mainly applicable when one wants to destroy or corrupt files in a
system. A computer virus is malicious codes that when deployed in a system, it replicates by
copying itself to other programs and alters or corrupts the working applications of those
programs. The virus is mainly spread through attached emails. And also when one opens the
executable file in the attachment also, it can be installed by opening an infected website or
installing an application that has virus setup files. In the case of a virus attack company may lose
a lot of essential files, worms can also be used. These are a type of malware that spread over a
computer network through the exploitation of operating system vulnerability (Baloch, 2017).
Worms usually harm their host network through destruction of its bandwidth and cause
overloads on web hosts. Worms also deploy payloads that damage its host devices. These corrupt
system files and may cause great information loss in the system.
Denial of service attack. These are a form of attack where the attacker gets access to the
system and block other legitimate users of the system from having access to the system services.
Here, the attacker takes control of the server and programs the system to authenticate requests
COMPUTER NETWORK SECURITY 4
that give invalid return address to any legitimate user trying to use the system. These may bring
Session hijacking is another form of cyberattack where a user session over a protected
network is hijacked, and the attacker takes control of the system. Or the attacker can be
monitoring user activities and trafficking without taking over the system. With this attack,
sensitive system credentials can be leaked to the attacker where they can be used to gain access
to a system and finally, social engineering. There is a form of attack that mainly involves human
interactions with the system. Where they manipulate the system to suit their needs while
breaking security procedures publishes by the system owner. Such manipulations may include
creating backdoors that will enable them to have access to a network system.
Network Infrastructure
This network infrastructure has adoption of Local Area Network simulation; Where the
network is connected to the devices available in the company to facilitate telephony, internet
access and access to printers. Its interconnection is made of cable and Wi-Fi signal. Security risk
COMPUTER NETWORK SECURITY 5
involved I this system is that in case a worm virus or a trojan horse is deployed at one point of
the network. It can be easily spread throughout to all the devices that are connected to the system
— making it hard to control the spread of malicious files from one device to another.
Such a network system should have regular testing and analysis to inspect the availability
of malware and virus files. Inspection can be done daily since file transfer, and mail sharing is
done regularly on the system. In the case of trojan and malware detection, all its related files
should be quarantined and blocked from spreading further in the system for system security
check (Kaewunruen et al., 2018). Firewalls and files filters installation makes network
surveillance and management of malicious files easy as the report is collected and automatically
outputted by the system for necessary action to be taken. With a self-responsive system, one does
not require any special skills to identify viruses in the system. Instead, they should just be able to
follow instructions in the user interface. And, they can keep the system safe and uninfected
through a well-monitored data flow and transit from one device to another. And, also in making
sure that all access points and data endpoints are disinfected of virus and any malicious files.
And the creation of network restoration files after every inspection of the system. These ensure
that in case of a virus attack and files corruption system can be restored to its initial point.
Computer defense is the most effective is the means through which data acquisition
becomes the sole responsibility to secure (Kang & Kang, 2016). The information security bases
on the knowhow of the users who should have prior knowledge to help them prevent
unnecessary interactions. the intermediary between the civilian and the military is the computer
what is being defended. The content explained here shows types of information protected and
COMPUTER NETWORK SECURITY 6
indicates the cyber-attacks security principles – namely, AAA covering the auditing,
authentication and authorization, and the CIA triad of availability, integrity and confidentiality.
Several security awareness that comes along with user awareness. These security awareness
features enable the user’s mindset to be stronger through training. The security awareness
strategies used in defending against the cybersecurity attacks include defense-in-depth, disaster
and pattern matching are among the top-notch. The standard tactic used to defend information is
the computer network defense (CND) whose functions are to respond, protect, detect, analyze
When conducting the assessment for application or system, the aim should be on specific
areas, which are the highest value, highest impact, and highest volatility. After the determination,
the next focus is on the entire system. An assessment verifies a particular security control
whether it meets the requirements, while other system files intend to exploit, assess, validate and
Testing procedures inadequate system security are following the security assessment
policy (Kaewunruen et al., 2018). The policy manages both the implementation of the
assessment from the client and the organization while maintaining appropriate accountability for
the individuals (Hoffmann, 2015). These approaches aim to make sure that requirements are in
line with the policy regulations. The areas that the policy has to cover include the elements of the
organization with which they must confer with, adherence, responsibility and roles to an
Design a documented and repeated assessment reports which expedite new staff
transition provides a structure and consistency in assessment paving the way to further
COMPUTER NETWORK SECURITY 7
operations. Using this methodology enable the company or the organization to maximize its
potential and to minimize the risks associated. Security issues related to the type of risks may
result from lack of information gathered, thus causing dysfunctionality of the system and
sometimes the availability of the network. To help reduce the occurrence of such cases, there is a
procedure that needs to follow. The processes of minimaxing the risks apply the techniques such
as testing duplicates of the system production, performing system testing off-hours, logging
assessor activities, skilled assessor, and building comprehensive assessment plans. It is,
therefore, the responsibility of each organization to consider the levels of risk they can tolerate
Organizational risk levels depending on the available resources that the company has and
customized according to the specific resources, levels of risk and objectives (Hoffmann, 2015).
A combination of techniques forms up the organizations best limit on resources and dangers.
For the process of assessment to be completed, the organization must come up with a
mitigation plan (Kaewunruen et al., 2018). Once the risks and the weaknesses of the security
network are provided, immediate actions should follow to eliminate the emergence of these risks
from within and without the company. The mitigation plans will see the techniques into
actionable things. Hence the result will show how the organization addresses not only the
weaknesses in the processes of the organization but the technical weaknesses involved within the
Now that you've completed your test plans, it's time to define your penetration testing
process.
COMPUTER NETWORK SECURITY 8
Include all involved processes, people, and timeframe. Develop a letter of intent to the
organization, and within the letter, include some formal rules of engagement (ROE). The process
and any documents can be notional or can refer to actual use cases. If actual use cases are
vulnerabilities in the firm's network system (Backers et al., 2017). A penetration test is essential
for an organization as it could provide vulnerability and weaknesses in the system where hackers
can exploit. Primarily, penetration testing focuses on securing the business opportunities that an
attacker can take advantage of compromising the company's productivity. Network penetration is
categorized into two broad categories: Professional penetration tester and organizational internal
security team. For the two groups of testers, certain aspects should be considered before
Penetration Testing Engagement is a process that aims at finding out how an attacker can
access the company's system. Penetration testing is like a form of legal hacking intending to help
an organization regulate the control of threats to their system. There are several means in which
network testers can engage a system to find out vulnerable and explorable areas in a particular
network. Penetration testing would require an understanding of the scope where a proposal
would be generated to analyze the approach, effort and the cost outlines for penetration tests.
Among the processes of testing include test authorization, which allows the network tester to
gain access to the company's system and conduct the test (Baloch, 2017). The test authorization
legalizes the process of test penetration, which would have otherwise been illegal according to
Planning for penetration testing is a critical process because it involves the collection of
people, timeframe and processes. People involved in the category include; testers, IT manager
and the business shareholders. The roles of IT managers and shareholders are basically to
approve the test. On the other hand, the role of the testing team is to perform the test on the
system. The timeframe required for conducting a penetration test depends on the nature of
The rules of engagement contain plans and documentation that aids the penetration testers
can conduct their work. Fundamentally, some of the focuses of the rule of engagement include
the following;
The types of testing largely influence the results posted by the testing team to the
management o the organization. For example, there are different types of testing including; black
box testing, white box testing and an intermediate gray box testing (Hoffmann, 2015). The
selection of the test type come to play depending on the nature of the information provided to the
testing team (Kaewunruen et al., 2018). Black box testing involves penetration testing, where the
testing team behave just like the hackers who operate from external sources. In this form of
testing the tester is assumed to have the liberty of obtaining information from the employees and
former employees who may have access to the information about the system. White box testing
is a process where the testers are provided with information about the areas to cover are
The testing team needs to have the client's contact details because they are likely to
communicate often (Backers et al., 2017). Penetration testing involves exposing the computer to
COMPUTER NETWORK SECURITY 10
perform different tasks and hence, at the time, it could go wrong. For example, when there is a
denial of service attack in one of the client's computers, the testing team can correct immediately.
This form of penetration testing involves notifying the client on or before launching an
attack on their network. Some of these attacks include testing the readiness of the stuff in case
there is an intrusion or attack. Such penetration testing should be communicated to the clients as
During the process of penetration testing, the testers may be provided with sensitive
information about the company, and hence, data handling should professionally handle. Data
handling techniques should be specially handled in the rules of engagement for penetration
testing.
Regular meetings should be done between the client and the testers to improve effective
communication (Fisch et al., 2017). Penetration testing takes time, and therefore, communication
should be explaining how far the project should be handled and what is to be done.
Penetration testing tools must learn new processes of attacks from the associated risks. As
time goes by, the attackers’ changes tack, and so should is the penetration tools. The tools are
machines that can learn new things through their intelligence as well as practicing the routine.
Thus, these systems have to update and continuous cycles (Kaewunruen et al., 2018).
Metasploit powered by PERL is a penetration tool that offers the users or the system
tester the chance to customize the exploits either through creation or modification. The
functionality of the Metasploit depends on the development of java graphical user interface and
COMPUTER NETWORK SECURITY 11
the web-based support. The tool allows for conventional payloads and many exploitations such
as reverse shell when establishing the concept (Hoffmann, 2015). The device has a DNS server,
When mounting the attack, the Metasploit takes the following structures:
ii) synchronize the exploit selected to the remote port number and remote IP.,
iv) synchronize the local IP address and the port number to the payload
The Metasploit penetrating testing tool is characterized by the built-in shell, which
enables it to collect highly critical data such as the remote vital loggers and hash dump
passwords to show how the system severity and vulnerability. Wireshark comes in as the second
tool exploiting things such as lack of input validation, SQL injection, pollution and as well as the
overflow of the buffer. If such attacks become successful, then this will mean significant damage
to the internal systems and the database of any organization. At times the system can go without
detecting any vulnerability, but he does not say that there is no threats or chances for an attack
(Hoffmann, 2015). The tool used might be weak or cannot test for the specific vulnerability.
Hence, there is a need to continually check the threats and keep on improving the penetration
tools to have the latest updates (Backers et al., 2017). Once the risks and the weaknesses of the
security network are provided, immediate actions should follow to eliminate the emergence of
Black box testing is the process of testing network penetration when the testing team is
provided with zero or less information about the system. Black box penetration testing requires
COMPUTER NETWORK SECURITY 12
the tester to gain access to the network before making a compromise to the system. the tester,
just like the hacker, has little or no information about the network. the first step in testing the
network penetration is by, first, gaining a connection to the network. A Payload is developed and
sent to the client's computers through an email to check whether the emails in the company has a
Black box penetration testing involves a myriad of steps that generates reasonable and accurate
Profiling
This is the initial process of gathering information about a particular network. the
information collected includes concerns such as the DNS information, platforms running, web
COMPUTER NETWORK SECURITY 13
server’s versions, operating systems en masse (Kang & Kang, 2016). Gathering information can
Discovery is the process of determining the network's operating systems through banner
grabbing, presence of open ports, services running, & versions of the services, technology
information (Kang & Kang, 2016). Discovery helps identify the host that is present in the
network. Backbox penetration testing provides the tester with the use of enumeration where the
internal network allows the tester to identify resources and users, groups, routing tables and
service audits. Identifying information would allow the tester to understand the system attack
points.
Scanning
Scanning is an essential process which allows the tester to understand the vulnerabilities
in the network service. Security controls and information systems. Scanning identifies the
network topography and the operating system's vulnerabilities and service vulnerabilities.
Exploitation
Exploitation stage uses the already collected information on the active ports with related
vulnerabilities to exploit the services exposed safely. Exploitation engages research and
launching of payloads against the target environment with regards to the penetration test (Fisch
et al., 2017).
Reporting
COMPUTER NETWORK SECURITY 14
Reporting stage involves recording all the vulnerable and exploitable point to the client.
A thorough assessment is done on the vulnerable areas and a clear recommendation made.
These are systematic formats of estimating strengths and weaknesses of a security system
adopted by a company and provides the best approach for involved parties to experience reduced
costs in their investment. And make the best out of their money.
Risk management analysis is the evaluation of all the risk involved in a security system
installation and implementation. These entail the study of the cost of installation, and
management labour requirement, this can be used to determine whether the installation of certain
minimum cost. A selected security measure should completely prevent a company’s network
from cybercriminals. And also should consider instances of risk management in cases where the
security features put in place fails to keep away attacker. A security feature put in place should
be able to regain control of security. Also, in case of any information loss, it should be able to
recover all the lost information and data. It should ensure that the company does not need to
incur other costs to regain control of their system in case of an attack or to recover their lost data.
COMPUTER NETWORK SECURITY 15
References
Backers, M., Hoffmann, J., Künnemann, R., Speicher, P., & Steinmetz, M. (2017). Simulated
Baloch, R. (2017). Ethical hacking and penetration testing guide. Auerbach Publications.
Bayer, S., Enderle, T., Oka, D. K., & Wolf, M. (2016). Automotive security testing—the digital
crash test. In Energy Consumption and Autonomous Driving (pp. 13-22). Springer,
Cham.
Fisch, E. A., White, G. B., & Pooch, U. W. (2017). Computer system and network security. CRC
press.
Goel, J. N., & Mehtre, B. M. (2015). Vulnerability assessment & penetration testing as a cyber
Hoffmann, J. (2015, April). Simulated Penetration Testing: From" Dijkstra" to" Turing Test++".
Kaewunruen, S., Alawad, H., & Cotruta, S. (2018). A decision framework for managing the risk
of terrorist threats at rail stations interconnected with airports. Safety, 4(3), 36.
Kang, M. J., & Kang, J. W. (2016). Intrusion detection system using deep neural network for in-
LAB REPORT
During the lab report, it was clear that there were vulnerable situations where the
penetration tools could not predict the attacks, but an attacker could quickly bring it on.
Attackers are the technique by which an attacker or unauthorized group accesses the
network and does not cause the system to be generated or modified, but listens to what is
happening. An attacker discovers the policy by monitoring the exchange, communication, and
Below is the screenshot of the code that accessed the remote system of the servers.
WLAN traffic isolation through a separate firewall for the VPN connection.
COMPUTER NETWORK SECURITY 17