home study engineering computer science questions and an

home / study / engineering / computer science / questions and answers / case project 1 six months after your initial security ...

Your question has been answered! Rate it below.

Let us know if you got a helpful answer.

Question: Case Project 1 Six months after your initial secur...

Save

Case Project 1

Six months after your initial security audit, the credit union’s manager contacts you to conduct a follow-up security audit. He mentions that his networking team followed your suggestion for improving the LAN and WAN security. However, since then several wireless components have been added to the network, including an access point at each of its two locations. These access points allow employees to connect with the LAN and another access point at each of its locations designated for customer access. The manager doesn’t even know if wireless security measures have been implemented, much less whether any measures that might have been implemented are as secure as possible.

Describe at least three separate techniques that could be used to improve wireless LAN security. Among these, which do you recommend for the employee WLANs at each location, and which do you recommend for the customer WLANs? Why might the two types of WLANs differ in the method of secure transmission they use? Finally, how can the credit union’s network administrators ensure that customers who bring their PDAs or laptops into the bank can access customer WLAN but cannot access the employee WLAN?

Case Project 2

A year after your first visit to the credit union the manager calls you once again. His business is experiencing tremendous growth and needs to either open another branch office on the west side of town or allow their auditors and loan-processing staff to work from home. He asks you to compare the security requirements of opening a new branch office versus implementing a VPN solution (using employees’ home broadband Internet connections) for work-at-home employees. As part of your comparison, identify the costs associated with these security requirements. What factors do those costs depend on? For an expansion of 10 users, which solution to you recommend?

Please answer Both cases above , Thank you very much for taking time to help me

Solution

Case 1

Wireless network transmissions are mostly susceptible to Denial of service(i.e. intruder floods the network with messages affecting the availabilty of network resources), spoofing or Session Hijacking(i.e attacker gain access to information and resources pretending to be accessed by authorized user) and eavesdropping (i.e. attack against the confidentiality of data).

The three ways to improve wireless LAN security are following -

1. WEP (Wired Equivalent Privacy)-  In 802.11 protocol standards, the client only need to know the SSID of access point, which is broadcasted by many access points. Network administrators may prevent their access points to broadcast the SSIDs by placing access points outside the firewall. Firewall can be configured to enable access only by legitimate users based on MAC and IP addresses.

The 802.11 standard allows for optional encryption using WEP standard. WEP uses keys to authenticate network clients and encrypt data. When WEP is enabled, the same key is fed into the RC4 cipher to encrypt data frames. Only stations that possess the shared key can join the WLAN, but the same key decrypts frames transmitted by other stations.

2. 802.11i standard - The 802.11i standard\'s Temporal Key Integrity Protocol (TKIP) provides for more robust encryption key generation and management scheme. The 802.11i requires mutual authentication(i.e. the station authenticates with the remote server and also the remote server authentices with the station) and also specifies AES encryption method.

3. WPA(Wi-fi Protected access) - WPA incorporates just the stable parts of the 802.11i advanced security standard. But WPA specifies RC4 encryption method instead of AES. WPA also includes Message Integrity Check (MIC) to prevent data forgery.

It’s hard to completely secure a wireless network. WPA with 802.1X for key delivery and refresh can be used by both employee and customer WLAN\'s.