Answered step by step
Verified Expert Solution
Question
1 Approved Answer
You are a network analyst. ArWork, who is your customer, has around 450 employees in their company. This time, the company came for your
You are a network analyst. ArWork, who is your customer, has around 450 employees in their company. This time, the company came for your advice as their employees have been frustrated with increasing spam emails, its computers also crash frequently, take a long time to start up or shut down. Furthermore, your customer mentioned that the programs are running very slowly. You told your customer that you think some or all of the company's computers might be a part of some botnets. Given your comment, your customer would like to understand how their computers became a part of some botnets as well as how their computers are controlled and manipulated remotely. Your customer has heard about honeypots/honeynets and network separation although does not really understand how they work. Your customer was wondering if the honeypots/honeynets and network separation can be useful to the company in mitigating future attacks. They also want to know if there are other recommendations apart from using honeypots/honeynets and network separation. 1. Botnets: 1.1 What are botnets? What are they use for? How do botnets work? Is being a part of a botnet a bad thing? Why or why not? 1.2 Is it possible that the company's computers are a part of some botnets? And if it is possible, then what are the factors that convinced you that the company's computers are a part of some botnets. Discuss the possible causes. 1.3 Explain how their computers being infected, and hence a part of some botnets (given that is the case). 1.3.1 Explain how the infection spread across the transport layer protocol. 1.3.2 Detailing the infection, propagation and relevant payload. 1.3.3 Provide some examples and a diagram/s illustrating the concept. 1.3.4 What are the effects from the company's computer became a part of botnets? What can the attacker/s employ the infected computer for? And how? 1.3.5 In your opinion, what is the worst-case scenario, and why? 1.3.6 How to fix the problem of the customer's computers from being infected. 2. Honeypots/honeynets and network separation: 2.1 Introduce the concept of honeypots/honeynets and network separation. Why should they be implemented on top of what you have recommended in question 1.3.6? 2.1.1 What sort of information can be gathered through honeypot and honeynets? How many types of honeypots and honeynets are there? 2.1.2 How can you perform network separation? 3. Honeypots/honeynets and network separation for A/Work: 3.1 Make a recommendation, accompanied by appropriate diagrams, on how honeypots and/or honeynets and network separation can be deployed for the organisation. 4. Mitigation Strategies: 4.1 Propose appropriate strategies to the client that should be adopted in the organisation in order to reduce the chances of another attack. 4.2 Make recommendations on what could be done to make the organisation's network a safer place. Explain how encryption such as symmetric and Asymmetric will help in this situation quoting examples.
Step by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started