Discussion Board Essay

678 Words Oct 11th, 2015 3 Pages
Week 1 Discussion Topic 1 - What went wrong at D&A Labs?
After reviewing CSEC630 Module 1, provide a realistic scenario on possibly what went wrong at D&A labs and discuss countermeasures that you are aware of, that can help prevent the situation from recurring. When addressing this question consider the following:
Assuming the company had a firewall, why didn't it stop the intruders?
Do you think an Intrusion Prevention System would have helped in this situation?
Where and how was the company utilizing encryption? Do you think this gave them a false sense of security?
D&A Laboratories had an external firewall in place to protect their information systems from unauthorized access. Protecting companies’ data in
DNS traffic on port 53 is transported in plaintext, unencrypted. Operating system (OS) patching and hardening would have prevented critical vulnerabilities regarding DNS attacks in the company.
In D&A's case, an IPS (Intrusion Prevention System) would have helped because an IPS helps in limiting zone transfers and segregating authoritative servers. As traffic enters the network, an IPS inspects the type and frequency of the traffic and permits, denies, or alerts depending on how it is set up. It helps prevent ICMP floods, DNS floods, and DNS spoofing in the network. An IPS matches traffic against pre-set rules or dynamic signatures to detect malicious patterns. One of the most popular types of DNS attacks, the cache poisoning attack, can be mitigated by implementing an IPS. But I wonder how correctly and effectively D&A implemented their IPS in their networks. Just installing a firewall and/or an IPS will not prevent unauthorized access by intruders. Sustaining cybersecurity systems after their initial implementation is significant. In my recent experience, after cutting over a company’s network and installing a firewall with IDS and IPS features, I emphasized the importance of monitoring the traffic frequently and building the security rulesets accordingly to deny, permit, or alert on the type of traffic that goes in and out of the
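As an added illustration of the rule matching described above (this is not code from the essay or from any IPS product), the following Python sketch evaluates DNS queries by type and by frequency and returns a permit, deny, or alert verdict. The function name, the allow-list, the thresholds, and the sample traffic are all assumptions constructed for the example.

```python
from collections import defaultdict, deque

# Assumed policy values for this sketch (not taken from the essay).
ALLOWED_SECONDARIES = {"192.0.2.53"}   # hosts permitted to request zone transfers
RATE_LIMIT = 5                          # queries per source per window before alerting
WINDOW_SECONDS = 1.0

def evaluate(events):
    """Return one (verdict, reason) per event, in order.

    Each event is (timestamp_seconds, source_ip, qtype). Rules are checked
    in order: traffic type first, then traffic frequency.
    """
    recent = defaultdict(deque)  # source_ip -> timestamps inside the window
    verdicts = []
    for ts, src, qtype in events:
        # Rule 1 (type): zone transfers only from known secondaries.
        if qtype in ("AXFR", "IXFR") and src not in ALLOWED_SECONDARIES:
            verdicts.append(("deny", "zone transfer from unlisted host"))
            continue
        # Rule 2 (frequency): sliding-window query rate per source.
        window = recent[src]
        while window and ts - window[0] >= WINDOW_SECONDS:
            window.popleft()
        window.append(ts)
        if len(window) > 2 * RATE_LIMIT:
            verdicts.append(("deny", "query flood"))
        elif len(window) > RATE_LIMIT:
            verdicts.append(("alert", "query rate above limit"))
        else:
            verdicts.append(("permit", "ok"))
    return verdicts

# Constructed sample traffic (documentation address ranges only).
SAMPLE = (
    [(0.00, "192.0.2.53", "AXFR")]       # listed secondary requests the zone
    + [(0.10, "203.0.113.9", "AXFR")]    # unlisted host requests the zone
    + [(1.0 + i * 0.05, "198.51.100.7", "A") for i in range(12)]  # burst
    + [(5.0, "198.51.100.7", "A")]       # same host after the burst has aged out
)

if __name__ == "__main__":
    for event, verdict in zip(SAMPLE, evaluate(SAMPLE)):
        print(event, "->", verdict)
```

The thresholds only stay useful if they are revisited against observed traffic, which is the ongoing monitoring and ruleset tuning the paragraph above calls for.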