yeetmemes / cyberedegree

Eduonix cyber edegree

Network Security Fundamentals - User Authentication Rating System #3

Closed yeetmemes closed 1 year ago

yeetmemes commented 1 year ago

Part one: Considering what you've learned through the course, how would you describe the process of User Authentication on a web site by having three different factors of authentication? Answers to this should include information about the different factors (Knowledge, Ownership, Inherence) and their examples, and also the whole process, for example, “user will show his face to the camera after entering the password and pin from the token”.

Part two: Describe, at least four, attack vectors on a company that produces shoes, both Physical and Digital. Answers to this should include information about what can be attacked and how, for example, “considering that the company produces shoes, they need to, somehow, receive money from the buyers/distributors, and an attack vector can be the payment processor of the company”.

Part three: Considering the wireless security, describe in your own words what Krack Attack is. (hard one) Answers to this should reference “key reinstallation attacks” in some way, for example, “Krack attack is an attack on key reinstallation”.

Part four: Considering what you’ve learned through the course, describe what machines should AntiVirus and Firewalls be installed in a network where you have 10 servers and 10 client machines, where all of them have internet and process information provided by outsiders of the company. Answers to this should be at least “all of them” as the whole company should be protected by both solutions.

yeetmemes commented 1 year ago

User authentication is the process of verifying the identity of a user before granting them access to a website or application. Multi-factor authentication (MFA) is a security mechanism that requires users to provide more than one form of authentication to gain access.

Three-factor authentication (3FA) is a type of MFA that requires users to provide three different factors of authentication. These factors are typically something the user knows, something the user has, and something the user is.

The three factors of authentication in 3FA can be described as follows:

  1. Something the user knows: This factor is typically a password or a personal identification number (PIN) that only the user knows. When the user enters their password or PIN, the website or application verifies that it matches the stored value on file.

  2. Something the user has: This factor is typically a physical object that the user possesses, such as a smart card, a USB token, or a mobile device. The user must have this object in their possession to authenticate.

  3. Something the user is: This factor is typically a biometric characteristic, such as a fingerprint, facial recognition, or iris scan. The website or application compares the user's biometric data to the stored data on file to authenticate.

To authenticate using 3FA, the user must provide at least one factor from each of the three categories. For example, the user might enter a password (something they know), insert a smart card (something they have), and scan their fingerprint (something they are).

Using 3FA provides an extra layer of security for web sites or applications. Even if one factor of authentication is compromised, the attacker would still need to provide the other two factors to gain access, making it much more difficult to breach the security measures.

=============================================================================

Attack vectors are the various ways in which an attacker could exploit vulnerabilities in a system or organization to gain unauthorized access, steal data, or cause damage. In the case of a company that produces shoes, there are several potential attack vectors, both physical and digital. Here are at least four examples:

  1. Physical theft: One of the most straightforward attack vectors for a shoe company is physical theft. If an attacker gains access to the company's warehouse or retail locations, they could steal shoes or other valuable assets. This could be done by breaking into the building, using social engineering tactics to gain access, or exploiting vulnerabilities in physical security systems like locks or alarms.
  2. Cyber attacks: In addition to physical theft, a shoe company could also be vulnerable to cyber attacks. This could take many forms, including phishing attacks that trick employees into divulging login credentials, ransomware attacks that encrypt important data, or distributed denial-of-service (DDoS) attacks that overwhelm the company's servers with traffic. Cyber attacks can be difficult to prevent, as attackers can exploit vulnerabilities in software or take advantage of human error.
  3. Intellectual property theft: If a shoe company has developed unique designs, manufacturing processes, or other intellectual property, it could be vulnerable to theft. This could be done through physical means, such as stealing prototypes or confidential documents, or through digital means, such as hacking into the company's servers to steal proprietary data. Intellectual property theft can be devastating for a company, as it could result in lost sales, damage to the brand's reputation, and legal issues.
  4. Supply chain attacks: Finally, a shoe company could be vulnerable to supply chain attacks. These attacks target third-party vendors or suppliers that provide materials or services to the company. For example, an attacker could hack into the systems of a logistics company that handles shipping for the shoe company, giving them access to sensitive data or allowing them to manipulate shipments. Supply chain attacks can be challenging to detect, as they often take place outside of the company's own systems.

These are just a few examples of the types of attack vectors that a shoe company could face, both physically and digitally. To prevent attacks, companies should have robust security measures in place, including physical security systems, firewalls, antivirus software, and employee training programs. It's also important to regularly review and update these measures to stay ahead of evolving threats.

======================================================================

Krack Attack, or Key Reinstallation Attack, is a significant security vulnerability that has the potential to cause major harm to wireless networks that utilize the Wi-Fi Protected Access II (WPA2) encryption protocol. This vulnerability was first identified in 2017 and is caused by a weakness in the four-way handshake process, which is employed to establish a secure connection between a wireless device and an access point.

During the four-way handshake process, the client and the access point exchange messages to establish a shared encryption key. However, in a Krack Attack, an attacker intercepts and manipulates these messages to reinstall an already-used encryption key, effectively bypassing the security measures provided by WPA2. Once the attacker has reinstalled the encryption key, they can intercept and decrypt wireless traffic between the client and the access point, potentially giving them access to sensitive information such as login credentials or financial data.

One of the particularly concerning aspects of Krack Attack is that it impacts all devices that use WPA2 encryption, regardless of their operating system or device type. This means that laptops, smartphones, and other wireless devices are all potentially vulnerable to Krack Attack. The widespread impact of this vulnerability underscores the need for robust security measures to mitigate its risk.

To mitigate the risk of Krack Attack, it is important to update all wireless devices and access points with the latest security patches, which can address the vulnerability. In addition to regular updates, it is recommended to use a virtual private network (VPN) to encrypt all wireless traffic and to avoid using unsecured public Wi-Fi networks.

It is important to note that Krack Attack is not the only security vulnerability that wireless networks face. Other threats include rogue access points, man-in-the-middle attacks, and denial-of-service (DoS) attacks. As such, it is critical to maintain a proactive approach to network security, which includes regularly updating software and hardware, implementing robust security protocols, and educating users on the best practices to minimize the risk of security threats.

In conclusion, Krack Attack poses a significant risk to wireless networks utilizing WPA2 encryption. Given its widespread impact, it is imperative to take necessary precautions to mitigate the risk of this vulnerability. By keeping software and hardware up-to-date and implementing security best practices, organizations can ensure their networks are secure and safeguard sensitive information against potential attacks.

===========================================================

To establish a robust defense mechanism against a wide range of cyber threats, it is highly recommended to equip all the servers and client machines in a network with antivirus software and firewalls. This is particularly crucial when these machines are connected to the internet and process data provided by external sources, such as clients, suppliers, and vendors.

Antivirus software can play a pivotal role in keeping the network secure by scanning and detecting any malicious software or files that might have been downloaded or introduced to the system by external sources. It is capable of identifying and isolating threats, preventing them from causing any damage to the system or spreading to other machines in the network. Antivirus software can also provide real-time protection against both known and unknown threats, thus keeping the network safe and secure from all possible cyber attacks.

Firewalls, on the other hand, can provide a vital layer of security to the network by controlling and monitoring incoming and outgoing traffic. By examining network traffic, firewalls can block any unauthorized access and prevent malicious traffic from entering or leaving the network. This helps to reduce the risk of cyber attacks, such as hacking, data breaches, and denial-of-service attacks, which can cause irreparable damage to the network and compromise its integrity.

It is essential to keep both the antivirus software and firewalls up to date to ensure that they are capable of detecting and protecting against the latest threats. Security updates and patches should be applied regularly to all the machines in the network to minimize vulnerabilities and improve overall security. This will ensure that the network remains safe and secure against any new cyber threats that may emerge.

In conclusion, deploying antivirus software and firewalls on all servers and client machines in a network is an essential step towards protecting the network from various types of malware, viruses, and other cyber threats. By implementing these security measures and keeping them updated, organizations can significantly reduce the risk of cyber attacks and safeguard their valuable data and assets.
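
An added example, not part of the comment above or of the course material: a simplified Python model of the key reinstallation described in part three, showing why reinstalling an in-use key resets the packet number and repeats the keystream, and how a patched client avoids it. The `Supplicant` class, the SHAKE-based keystream (a stand-in for WPA2's real cipher), and the sample key and frames are assumptions constructed for illustration.

```python
import hashlib

FRAME_A = b"GET /account HTTP/1.1"  # constructed sample plaintexts
FRAME_B = b"POST /login HTTP/1.1 "


def keystream(key: bytes, pn: int, length: int) -> bytes:
    """Toy stand-in for the real cipher: depends only on (key, packet number)."""
    return hashlib.shake_256(key + pn.to_bytes(6, "big")).digest(length)


class Supplicant:
    """Client side of the handshake, reduced to key install and packet number."""

    def __init__(self, patched: bool):
        self.patched = patched
        self.key = None
        self.pn = 0

    def on_message3(self, ptk: bytes) -> None:
        # Patched behaviour: a retransmitted message 3 carrying the key that is
        # already installed must not reset the packet number.
        if self.patched and self.key == ptk:
            return
        self.key, self.pn = ptk, 0

    def send(self, plaintext: bytes):
        self.pn += 1
        ks = keystream(self.key, self.pn, len(plaintext))
        return self.pn, bytes(p ^ k for p, k in zip(plaintext, ks))


def run_session(patched: bool):
    """Send one frame, receive a retransmitted message 3, send another frame."""
    ptk = bytes(range(16))  # constructed sample key
    client = Supplicant(patched)
    client.on_message3(ptk)
    first = client.send(FRAME_A)
    client.on_message3(ptk)  # retransmission of handshake message 3
    second = client.send(FRAME_B)
    return first, second


def reused_packet_numbers(frames):
    """Monitoring check: packet numbers seen more than once under one key."""
    seen, dupes = set(), set()
    for pn, _ in frames:
        (dupes if pn in seen else seen).add(pn)
    return sorted(dupes)
```

With `patched=False` both frames carry packet number 1, so the XOR of the two ciphertexts equals the XOR of the two plaintexts; with `patched=True` the counter keeps advancing and no packet number repeats.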