Intrusion Detection System (Cisco IDS)
Brief description of the program and what it claims to do

Cisco IDS represents an active and energetic security constituent of the Safe Blueprint and end-to-end security product collection. Its main strength lies on the fact that it builds on the ground up to help a broad range of network through security services. The program is applicable to all business environments from small to large transaction settings. Cisco IDS is ideal for service providers in the need for high-speed and resilient solutions. Cisco IDS exploits modern technology and innovations to construct extensive protective device. Some of the contemporary technologies include stateful model detection, heuristic detection, anomaly detection, and protocol parsing. All these technological developments act towards offering protection from all sources. This indicates that, by modern technological developments, Cisco IDS is capable of protecting networks from identified and unidentified cyber intrusion. Cisco IDS offers network security through…...

mla

References

All Internet Security (2011, November 10). Intrusion Detection. Retrieved from http://www.all-internet-security.com/intrusion_detection/

Cisco Systems. (2011). Cisco Intrusion Detection. Retrieved from  http://www.cisco.com/warp/public/cc/pd/sqsw/sqidsz/index.shtml 

Burton, J., Dubrawsky, I., Osipov, V., Baumrucker, C.T., & Sweeney, M. (2003). Cisco security professional's guide to secure intrusion detection systems. Rockland, MA: Syngress Pub.

Protecting Vital Resources
Intrusion Detection and Prevention Systems

IDPS and Components

Intrusion from the outside world, for good or bad, is serious concern in the networked global arena (Ierace et al., 2005). The loss of data and important and confidential business information can be utterly disastrous. Network systems that will detect and prevent such intrusions, therefore, are a necessity of the first order among enterprises. Intrusion attacks can come from hackers, malware or other old or new malicious creations from other sources. Intrusion detection is performed by monitoring computer systems and networks to sense indications of potential threats or violations on an organization's security policies. Another added feature is thwarting these threats before they can occur. Together, these are the components of an intrusion detection and prevention system or IDPS (Ierace et al.).

There are four classes of IDPS according to their functions and the methods they use (Ierace et al., 2005). These are…...

mla

BIBLIOGRAPHY

Ierace, N., et al. (2005). Intrusion prevention systems. Ubiquity Information Everywhere:

Association of Computing Machinery. Retrieved on February 12, 2014 from http://ubiquity.acm.org/article.cfm?id=1071927

Kanika (2013). Intrusion detection system and intrusion prevention system -- a review study. Vol. 4 Issue 8, International Journal of Scientific and Engineering Research;

International Scientific and Engineering Research. Retrieved on February 12, 2014

Accounting and Intrusion Detection
In a report issued by Paladin Technologies, Inc., entitled: "Security Metrics: Providing Cost Justification for Security Projects," 273 organizations were surveyed on the topic of security. The report illustrates in quantifiable terms the depth and reach of intrusion detection on the financial viability of the organization. The combined reported losses from the firms surveyed totaled $265.6 million in 1999. The highest loss categories were reported as follows:

Type of Loss

Estimated Dollar Value

Number of espondents

Theft of intellectual capital

m

Financial Fraud

m

Sabotage

m

The average annual financial loss of firms surveyed was estimated at $40 million. Forty three percent of respondents were able to quantify financial losses, and seventy four percent were able to acknowledge financial loss. Ninety percent detected cyber attacks within the most recent twelve-month period and seventy percent reported serious breaches other than viruses, laptop theft, and employee abuse of net privileges. As for these categories, six hundred and forty three…...

mla

Resources

Risk Assessment risk assessment involves estimating the likelihood and severity of an occurrence, the relative impact of risk on the facility, information handler, processing, support, and the mission of the organization. Assessing the likelihood means determining the probability that existing controls will be skirted. Pfleeger has identified a series of steps for examining the likelihood of adverse occurrences:

Calculate the probability that the risk may happen, found in the observed data for the specific system.

Estimate the likely number occurrences in a given time period. The analyst gives a rating based on several different risk analysis methodologies, and then creates a table to hold and compare the ratings.

The Delphi approach: several raters individually estimate the probable likelihood of an event, combine their estimates, and choose the best one.

Attacks on the system security include password theft, back doors and bugs, social engineering, protocol failures, authentication failures, Denial of Service attacks, active attacks, botnets, exponential attacks including worms and viruses, and information leakage. (Fortify Software Inc., 2008); (Fortify Software, n. d.)
Servers are targets of security attacks due to the fact that servers contain valuable data and services. For instance, if a server contains personal information about employees, it can become a target for stealing identities. All types of servers, which include file, database, web, email and infrastructure management servers are vulnerable to security attacks with the threat coming from both external as well as internal sources.

Some of the server problems that can jeopardize its security include: (i) Weakly encrypted or unencrypted information, especially of a sensitive nature, can be intercepted for malicious use while being transmitted from server to client. (ii) Software bugs present in the server Operating…...

mla

References

Bace, Rebecca Gurley; Bace, Rebecca. (2000) "Intrusion Detection"

Sams Publishing.

Fortify Software Inc. (2008) "Fortify Taxonomy: Software Security Errors" Retrieved 17 November, 2008 at  http://www.fortify.com/vulncat/en/vulncat/index.html 

Fortify Software. (n. d.) "Seven Pernicious Kingdoms: A Taxonomy of Software Security

System Security
"As a manager, how would you plan on securing organizational data? How does security effectiveness and relative cost figure into those plans?"

The more critical aspect of any enterprise-wide security management strategy is to align system resources to the strategic initiatives and goals of an organization. Increasingly this is being accomplished through the use of role-based access and authentication privileges and process workflows that audit and evaluate use of sensitive information (Shih, Wen, 2005). The role of enterprise security management drastically changes however when ubiquitous Web Services are used for capturing, aggregating, analyzing and effectively using confidential data to make financial decisions (Phifer, 2011). The intent of this analysis is to evaluate how intrusion and intrusion detection systems can be used in the 21st century, state-of-the-art IT systems that are to a large extent Cloud-based and often have remote access points that make them particularly vulnerable (Phifer, 2011). Also…...

mla

References

Microsoft TechNet. (2011). Enterprise security best practices. Microsoft. Retrieved from http://technet.microsoft.com/en-us/library/dd277328.aspx

Thibodeau, P. (2011, July 18). U.S. government CIO warns of IT vendor cartel. Computerworld. Retrieved from  http://www.computerworlduk.com/news/public-sector/3291866/us-government-cio-warns-of-it-vendor-cartel/ 

Phifer, L. (2011, July 11). 5 best practices for securing remote access. E-security Planet. Retrieved from  http://www.esecurityplanet.com/views/article.php/3937121/5-Best-Practices-for-Securing-Remote-Access.htm 

Shih, S.C., & Wen, H.J. (2005). E-enterprise security management life cycle. Information Management & Computer Security, 13(2), 121-134.

Intrusion Detection Systems: etail-Based Cybercrime and the Importance of Security Point of Sales Endpoints Systems
etail-based cybercrime and the importance of security Point of Sales Endpoints Systems

The recent technological advances have resulted in increased dependability of network-based technology for everyday usage. Points of sales systems have also evolved, and they are now linked to the company's network, which makes them vulnerable to attacks. The number of attacks leveled against POS endpoints has increased steadily in recent times [1]. This is because they are mostly stand-alone and they are used to capture credit card information. The attackers are mostly interested in customer information for fraud or identity theft purposes. In order for POS systems to verify customer information and process credit cards, they need network connection. The network connection provided is dependent on the store. Large stores connect their POS systems to the internal network in order to simplify administration and reduce…...

mla

References

[1] B. Qawami, B.Z. Talaich, and M.J. Farrell, "Enabling a Merchant's Storefront POS (Point of Sale) System to Accept a Payment Transaction Verified by SMS Messaging with Buyer's Mobile Phone," ed: Google Patents, 2012.

[2] P. Kabiri and A.A. Ghorbani, "Research on Intrusion Detection and Response: A Survey," IJ Network Security, vol. 1, pp. 84-102, 2005.

[3] S.R. Snapp, J. Brentano, G.V. Dias, T.L. Goan, T. Grance, L.T. Heberlein, C.-L. Ho, K.N. Levitt, B. Mukherjee, and D.L. Mansur, "A system for distributed intrusion detection," COMPCOM Spring, vol. 91, pp. 170-176, 1991.

[4] N.B.W. Mlitwa and D. Birch, "The role of intrusion detection systems in electronic information security: From the activity theory perspective," Journal of Engineering, Design and Technology, vol. 9, pp. 296-312, 2011.

There is a trade-off with regard to this first layer to ensure a high level of physical security that does not compromise the system-level flexibility and support. This first level of support can be as simple as locks, fireproofing and safes to biometrically based access as well. The components of physical security are surveillance and notification systems. These are systems that react to smoke, intrusion or a threat in the form of a break-in for example. Using motion sensors, intrusion detection equipment and closed-circuit televisions are all part of this step, as are continual centralized monitoring of the entire site as well. Organizations have successfully been able to integrate emergency self-start shutdown procedures for systems when intruders are discovered, disabling all system access to protect the data. A third class or component of security is the reliance on combining physical monitoring systems with the actual enterprise systems to ensure…...

mla

References

Phil Aronson. (2005). An integrated approach to workplace security.

Employment Relations Today, 32(1), 41-46.

C Thomas Johnson. (2008). Protecting Your Walls. Risk Management,

55(5), 55,8.

If they need to access a site for business purposes, they may not be able to do so, and that can lead to frustration and even lost contracts and opportunities (Miller, 2005). With that being the case, it would seem as though there should be a way to get around these restrictions. If people start avoiding restrictions, though, where does that end? At what point does it become unacceptable and dangerous, and at what point does it jeopardize the privacy, safety, and security of other people who have their information online?
The people who own the information (i.e. The people whose information is being collected) should be the ones to control how secure that information is in the sense of who can see it and access it. Because their names, dates of birth, addresses, phone numbers, and other information belongs only to them, they should be able to determine whether…...

mla

References

DiBattiste, C. (2009) Privacy and Information Security 101: Have a plan Information Security Best Practices 2009 conference archive The Wharton School, University of Pennsylvania. Zicklin Center for Business Ethics Research. Retrieved on July 26, 2010 from  http://technopolity.editme.com/files/isbp2009talks/DiBattiste-summary.doc 

Cranor, L. (2008) A Framework for Reasoning About the Human in the Loop. Retrieved on June 10, 2011 from  http://www.usenix.org/events/upsec08/tech/full_papers/cranor/cranor.pdf 

Miller, M. (2005). Computer Security: Fact Forum Framework Retrieved on July 26, 2010 from  http://www.caplet.com/security/taxonomy/index.html

detection and intervention in childhood mental health help prevent mental health problems in adult life?
Disregarding the mental well-being requirements of children is an intolerable violation of our basic undertaking to protect their well-being. Unfavorable mental disposition amidst our children is a less acknowledged difficulty that influences their literary, societal, and emotional enhancement. Mental well-being is a wide attribute to be analyzed. The mental well-being requirements of children and youth demand introspection. There is prevalent refuting that mental well-being is comprehensive of the influence on the children -- amidst all age distinct ions, variety of cultural sections, and all income sections. Such miscomprehensions are recurring, and involvement and care are unlikely to be found. Many people have the belief that children having mental well-being difficulties are just under the impact of a particular passing cloud. (Promoting Access for Children to Mental Health Screens and Assessments in Medicaid and the Children's…...

mla

References

AAMR. "Mental retardation: Definition, classification, and systems of supports," 9th edition (1992).

Caplan G. "Principles of Preventive Psychiatry," Basic Books, New York, 1964

Children's Mental Health: Current Challenges and a Future Direction Traditional Mental Health Services for Children: Current Arrangements and Challenges." Retrieved at   Accessed on 12/08/2003http://www.healthinschools.org/mhs3.asp .

Children, Youth and Mental Disorders." The Primer May, 2003

Groups -- People sometimes act as a group to steal information for any number of reasons. They may be a company's customer or vendor, or they may be a fierce competitor trying to steal sensitive trade secrets (Elifoglu, 2002).

Some common threat attack groups include the following:

Saboteurs/Terrorists/Paramilitary Groups;

Domestic or Foreign Criminals;

Vendors;

Customers;

Competitors; and,

Former Employees (Elifoglu, 2002).

In reality, the concept of intrusion detection systems is a straightforward matter of designing a system that can provide alerts when it is attacked. According to Andress (2003), the process of intrusion detection typically requires the identification of unauthorized access into computer systems. For example, this author notes, "obust intrusion-detection systems are placed at strategic locations on the network to look for suspicious usage patterns so that attacks can be detected before an intruder has gained access to the network, application, or operating system" (Andress, p. 66). This author also reports that, "An intrusion-detection system (IDS) monitors…...

mla

References

Andress, a. (2003). Surviving security: How to integrate people, process, and technology. Boca Raton, FL: Auerbach Publications.

Elifoglu, I.H. (2002). Navigating the 'information super highway': How accountants can help clients assess and control the risks of Internet-based e-commerce. Review of Business, 23(1), 67-69.

Grimes, R.A. (2008). Honeypots, honeynets. Honeypots.net. [Online]. Available:  http://www.honeypots.net/ .

Hinojosa, P. (2005). Information security: Where we've been and where we need to go the Journal, 32(7), 36.

g., if thee is a pobing attempt o geneal scanning on the pots). Data will also be collected fom the log file of the monitoing tool and fom the log of the opeating system as well. Accoding to Thomae and Bakos, honeypots also have some distinct advantages fo data collection puposes, including the following:
Honeypots have no poduction use, most activity diected at honeypots epesents genuine attacks, leading to few, if any, false positives.

Honeypots can captue all activity diected at them, allowing the detection of peviously unknown attacks.

Honeypots can captue moe attack data than most othe intusion-detection solutions, including (fo some kinds of honeypots) shell commands, installed attack softwae, and even attacke-to-attacke inteaction though chat seves o othe communication mechanisms (Thomae & Bakos, pp. 1-2).

Honeypots facilitate this type of data analysis if popely administeed. Fo instance, afte collecting data fom log files, secuity pofessionals should analyze it to detemine if the…...

mla

references and deter computer crime. Yale Law Journal, 112(6), 1577.

Chief Security Officer:
As the Chief Security Officer for a local University, my main role is establishing and maintaining an enterprise wide information security program that helps to ensure all data and information assets are not compromised. This process involves developing a plan to conduct a security program that prevent computer crimes, establishes a procedure for investigation, and outlines laws that are applicable for potential offenders. To develop an effective plan, the process would involve identifying recent computer attacks or other offenses that have been carried out against higher educational institutions and processes established by these institutions to prevent the recurrence of the crimes. In addition, procedures, methodologies, and technologies that could be bought to lessen computer crime threats and effective laws for convicting offenders will also be examined. The other parts of the process include identifying computer crime fighting government programs and the types and costs of computer forensics technology…...

mla

References:

"Data Security Breach at Ferris State University." (2013, August 16). Local. CBS Local Media.

Retrieved December 16, 2013, from  http://detroit.cbslocal.com/2013/08/16/data-security-breach-at-ferris-state-university/ 

Easttom, C. & Taylor, J. (2011). Computer crime, investigation, and the law (1st ed.). Stamford,

CT: Cengage Learning.

There are also those nations so hungry for economic growth that they embrace any type of
commerce activity, and this has been the case in China for example, which
does not police against spamming. The U.S. government on the other hand
has been aggressive about prosecuting spammers and sending them to prison.
You are a fairly small company:
a) Should you use a firewall?
Yes, most definitely, as any hacker could get to your company's record,
even spoof your e-mail addresses and send SPAM or other e-mails using your
company's identity.
b) Should you use antivirus systems?
Yes, as any small business will have spent a large percentage of their
total budgets on PCs and laptops, and a virus could make these assets
inoperable fast. Anti-virus will save e-mail systems, the company network,
and ultimately hundreds of hours of lost time.
c) Should you use and intrusion-detection system?
Yes and many firewalls now include this feature specifically to track and
block anyone who tries unsuccessfully to…...

Auditing, Monitoring, Intrusion Prevention, Detection, and Penetration Testing
The network vulnerability is a major security weakness that allows an attacker reducing computer information assurance. Vulnerability intersects three elements: a system flaw, the attacker is having access to the flaw, and ability to exploit the flaw. Thus, a security risk is classified as a vulnerability that is tied to a great significant loss. The vulnerability can erode data confidential, system integrity and availability of data.

The objective of this study is to carry out analysis of two research articles that discusses the network vulnerabilities in the IT environment. (Jackson, et al.2008, Sommer, et al. 2003). Both articles believe that attackers exploit the network vulnerabilities to inflict damages in the information systems. Moreover, the two articles agree that the traditional securities such as network IDS (intrusion detection system) (Sommer, et al. 2003) and DNS pinning (Jackson, et al.2008) are no more effective in guiding…...

mla

Reference

Debar, H. & Morin, B.(2002). Evaluation of the Diagnostic Capabilities of Commercial Intrusion Detection Systems. RAID'02 Proceedings of the 5th international conference on Recent advances in intrusion detection:177-198.

Jackson, C., Barth, A., Bortz, A., Shao, W., and Boneh, D. (2008). Protecting browsers from DNS rebinding Attacks. ACM Trans. ACM Transactions on the Web (TWEB). 3(1).

Karlof, C. Shankar, U. Tygar, J.D. et al. (2007). Dynamic pharming attacks and the locked same-origin policies for web browsers. Proceedings of the 14th ACM conference on Computer and communications security: 58-71.

Lam, V.T, Antonatos, S. Akritidis, P. et al. (2007). Puppetnets: Misusing web browsers as a distributed attack infrastructure. ACM Transactions on Information and System Security 12(2).

Auditing, Monitoring, Intrusion Prevention, Intrusion Detection, and Penetration Testing
"Unlike IP fragmentation (which can be done by intermediate devices), IP reassembly can be done only at the final destination. What problems do you see if IP reassembly is attempted in intermediate devices like routers?" [ ]

IP fragmentation is defined as the IP (Internet Protocol) that breaks datagrams into smaller fragment to assist packets passing through links and forming a smaller MTU (maximum transmission unit) than its original size. However, the fragments reassemble themselves when reaching the receiving hosts. After the receiving hosts have received the fragmented IP packet, they have to reassemble the datagram before passing it to the higher layer. In practices, the reassembly happens in the receiving hosts, however, a reassembly may be carried out by the intermediate router. For example, the NAT (network address translation) is designed to reassemble the fragments to the translate data streams. Several problems…...

mla

Reference. San Francisco.No Starch Press Series.

Kukoleca, M., Zdravkovic, M., & Ivanovic, I. (2014). Securing Linux Servers: Best Practice Document. AMRES/RCUB.

Rehman, R.U. (2003). Intrusion Detection with SNORT: Advanced IDS Techniques Using SNORT, Apache, Mysql, PHP, and ACID. Indianapolis, Prentice Hall.

Security Site (2016). Snort Analyzer. Retrieved 23 November 2016 from  http://asecuritysite.com/forensics/snort?fname=nmap.pcap&rulesname=rulesportscan.rules 

Tews, E., & Beck, M. (2009). Practical attacks against WEP and WPA. In Proceedings of the second ACM conference on Wireless network security, 79-86.

Refined Thesis Statement:

The multi-layered security protocols employed by modern online banking platforms, combined with robust user awareness and vigilance, effectively safeguard financial transactions, mitigating cyber threats and ensuring the integrity of online financial services.

Supporting Arguments:

Multi-Layered Security Protocols:

Strong Authentication: Two-factor authentication (2FA) and biometrics provide an additional layer of protection by requiring multiple forms of authentication.
Encryption: Advanced encryption algorithms ensure that data is securely transmitted and stored, protecting against eavesdropping and data breaches.
Firewalls and Intrusion Detection Systems (IDSs): These systems monitor network traffic for suspicious activity and block unauthorized access.
Secure Socket Layer (SSL)/Transport Layer Security (TLS): Encrypts....

1. Granular control: An ACL allows administrators to define specific rules and permissions for different users, devices, and applications within a network. This granular control ensures that only authorized individuals have access to sensitive data and resources, reducing the risk of unauthorized access.

2. Restricting access: ACLs can be used to restrict access to certain resources based on criteria such as IP address, port number, or protocol. This helps in preventing unauthorized users from gaining access to critical systems and applications within the corporate network.

3. Monitoring and auditing: ACLs enable administrators to monitor and track user activity within the network by....

1. Implement strong encryption: Use encryption technologies to protect sensitive data both in transit and at rest. This will help prevent unauthorized access to the information.

2. Secure data storage: Store sensitive information in secure, encrypted databases or cloud storage solutions. This will add an additional layer of protection to the data.

3. Implement access controls: Use access controls to restrict access to sensitive information only to authorized personnel. This can include role-based access controls, strong authentication mechanisms, and regular audits to monitor and track access to the data.

4. Regular security audits and assessments: Conduct regular security audits and assessments to identify....

1. Implement strong data encryption practices: Organizations should utilize strong encryption methods to protect sensitive information both while it is stored and while it is being transmitted.

2. Use secure communication channels: Ensure that communication channels, such as email and messaging platforms, are secure and encrypted to prevent unauthorized access to sensitive information.

3. Enforce strict access controls: Limit access to sensitive information only to those who need it for their job roles. Implement strong authentication methods, such as multi-factor authentication, to verify users' identities.

4. Regularly update security protocols: Keep security measures up to date by regularly updating software, implementing patches, and....