Part 1
Answer to question 1
Temporal Key Integrity Protocol is inherently an encryption protocol that is integrated as part of IEEE 802.11i standardized for WLANs (LANs) (Creery & Byres, 2015). The basis from which the protocol operates is an algorithm called the RC4 stream encryption. Temporal Key Integrity Protocol is used to provide a more secure and reliable encryption that Wired Equivalent Privacy could not provide. In that regard, the encryption protocol is uniquely designed to upgrade the level of securities in device that have already been encrypted with Wired Equivalent Privacy (Krutz & Vines, 2010).

You're lucky! Use promo "samples20"
and get a custom paper on
"IT286 Network Security"
with 20% discount!
Order Now

Answer to question 2
The first step that should be taken to secure a wireless network is to open the settings page of the router and creating a password that will be unique for the router (Krutz & Vines, 2010). The next step is to change the SSID name of the network that can either be pre-defined by the brand name of the router or default. After that, the next measure that should be taken is to enable encryption using wireless setting methods such as WPA2, WEP or WPA (Creery & Byres, 2015). The next step will be to filter the MAC addresses by ensuring that the MAC addresses of all the devices have been added to the wireless settings of the router. Once that has been done, it will also be necessary to reduce the range of the wireless router if it goes beyond the necessary range. Finally, the firmware of the router should be upgraded (Knapp & Langill, 2014).

Answer to question 3
Cloud computing has three service models. Software as a Service is a service in which the consumer is entitled to use the provider’s applications that operate or run from cloud infrastructure. In Platform as a Service, the users have the capability of deploying onto the applications that have been acquired from a cloud infrastructure. In Infrastructure as a Service, the consumers have been empowered to deploy and consequently run arbitrary software that includes applications and operating systems (Berger et al., 2013).

Answer to question 4
Cloud delivery models can be described as sets of specific, unique, pre-packaged IT resources that have been combined and are offered by the cloud providers (Knapp & Langill, 2014). The delivery models that have been established and consequently formalized are Software as a Service, Platform as a Service and Infrastructure as a Service. IaaS + PaaS alongside IaaS + PaaS + SaaS are examples the established and formalized combinations.

Answer to question 5
A Snapshot is inherently an amateur photograph that is usually taken without preparing (Creery & Byres, 2015). The fact that the responsibility of its servers are left on the air means that it could create a security concern. Patch Compatibility can be described as software that is designed keep computer programs and their supporting data up to date. However, secure updates are difficult to find implying that it could create a security concern. Host Availability Elasticity is the ability of cloud computing providers to establish database systems that can make applications to be readily available as well alongside adapting to the changes in the workloads. The inability to have server independence and transparent scalability is an indication that Host Availability Elasticity can trigger a security concern. Security Control Testing (SCT) is essentially a formal evaluation process that is usually conducted against systems basing on defined set of controls. The fact that it is difficult to measure the level of security means that relying on Security Control Testing (SCT) to control security can create security concerns. Finally, a Sandboxing can be described as the mechanism or technique that is usually put in place to separate running programs. The fact that it depends on endpoint security protection means that it is prone to security breaches.

Part 2
Answer to question 1
Mutation-based fuzzers, Replay fuzzers and proxy are examples of application hardening techniques Mutation-based fuzzers are application hardening techniques that can select valid sample inputs and subject their underlying parts to random alteration. Replay fuzzers are fuzzers that can take samples of inputs, mutate them and replay them. Proxy is another application hardening technique that is used to modify the messages that are passed between the client and the server (Berger et al., 2013).

Answer to question 2
Microsoft’s Security Baseline Analyzer would improve the hardening process by using the security recommendations of Microsoft to determine the security of Windows computer. By so doing, it becomes easy to determine the security misconfigurations alongside the missing updates and patches thereby providing a foundation on how the hardening process should be carried out (Berger et al., 2013).

Answer to question 3
Data Loss Prevention (DLP) can be described as a technique or strategy of ensuring that sensitive information is not transmitted or sent outside a corporate network by the end users (Berger et al., 2013). Tripwire® works by capturing the baseline of network device configurations, file systems, middleware applications, databases, desktop file systems, virtual systems and directory servers. Its ongoing integrity will then detect any changes by comparing the current states to the understated baselines. In a small organization, Tripwire® can be used to automatically recognize changes that are desired while at the same time exposing the changes that are not desired (Berger et al., 2013).

Answer to question 4
Load balancing and clustering is advantageous because it can enable individuals to use a single system to manage different independent servers while maintaining scalability, manageability and availability (Krutz & Vines, 2010). In addition to that, it can also use any compatible computer as long as it has been standardized for the industry. It is also beneficial in the sense that it enhances the availability of stateless applications such as the web pages. In a production environment, load balancing and clustering should be used to support services and applications such as corporate intranets, financial transactions and database access that run non-stop (Creery & Byres, 2015).

Part 3
The knowledge acquired from the topics: network infrastructure, policies, hardening and access control, it is imperatively evident that network security is critical issue to both individuals and organizations and should be addressed with the level of sensitivity that it requires. Personally, I would use the knowledge to provide people and companies with guidance on how maintain a viable a secure network. Furthermore, I will also use the knowledge as a foundation for coming up with improved measures of maintaining network security in my future career (Knapp & Langill, 2014).

  • Berger, S., Cáceres, R., Goldman, K., Pendarakis, D., Perez, R., Rao, J. R., … & Tal, S. (2013). Security for the cloud infrastructure: Trusted virtual data center implementation. IBM Journal of Research and Development, 53(4), 6-1.
  • Creery, A., & Byres, E. J. (2015, September). Industrial cybersecurity for power system and SCADA networks. In Petroleum and Chemical Industry Conference, 2005. Industry Applications Society 52nd Annual (pp. 303-309). IEEE.
  • Knapp, E. D., & Langill, J. T. (2014). Industrial Network Security: Securing critical infrastructure networks for smart grid, SCADA, and other Industrial Control Systems. Syngress.
  • Krutz, R. L., & Vines, R. D. (2010). Cloud security: A comprehensive guide to secure cloud computing. Wiley Publishing.