Select Page
  

I want you to read this survey paper and make comments and/or corrections to the survey paper. After that I need you to read the form and answer the questions in it. Then, I want you to do the checklist and see if it matches the requirements on the checklist. The survey paper, the form, and the checklist are attached. If you have a question or anything let me know.
checklist.docx

form.docx

Don't use plagiarized sources. Get Your Custom Essay on
Survey Of Network Security Measures Form & Checklist Assignment
Just from $10/Page
Order Essay

survey.docx

Unformatted Attachment Preview

Project Checklist
1.
Are Keywords appropriate?
2.
Is the title satisfactory?
3.
Does the abstract clearly summarize the topic discussed?
4.
Table of Contents logically organized?
5.
Does introduction entice you to read the rest of the paper?
6.
Major ideas and topics received enough attention?
7.
Are individual sections and subsections of uniform length?
8.
Are references correctly formatted and spread throughout?
9.
Include author, title, dates, pages, and URL?
10. Did the author follow the diamond explanation principle?
11. Acronyms used properly and listed?
12. Figures and Tables (Clearly labeled and professional looking, referenced
in the text and explained)
13. Are paragraphs of right length (not too long or too short)?
14. Do the subheadings clarify the sections of the text?
15. Was the material ordered in a way that was logical, clear, and easy to
follow?
16. Is there any portion of the text that could be omitted?
17. Does the summary point out the key results?
18. Copyright violations in text, figures, or tables?
19. Text checked for Grammar, Spelling, Punctuation errors?
20. Is the quality good enough for publication in IEEE Magazine?
Answer by changing the color of the option that you think is right.
Is the title satisfactory?
Strongly Agree
Agree
Neither Agree nor Disagree
Disagree
Strongly Disagree
Not Applicable
Does the abstract clearly summarize the topic discussed?
Strongly Agree
Agree
Neither Agree nor Disagree
Disagree
Strongly Disagree
Not Applicable
Table of Contents logically organized?
Strongly Agree
Agree
Neither Agree nor Disagree
Disagree
Strongly Disagree
Not Applicable
Does introduction entice you to read the rest of the paper?
Strongly Agree
Agree
Neither Agree nor Disagree
Disagree
Strongly Disagree
Not Applicable
Major ideas and topics received enough attention?
Strongly Agree
Agree
Neither Agree nor Disagree
Disagree
Strongly Disagree
Not Applicable
Are individual sections and subsections of uniform length?
Strongly Agree
Agree
Neither Agree nor Disagree
Disagree
Strongly Disagree
Not Applicable
Are references correctly formatted and spread throughout? Include author, title, dates,
pages, and URL?
Strongly Agree
Agree
Neither Agree nor Disagree
Disagree
Strongly Disagree
Not Applicable
Did the author follow the diamond explanation principle?
Strongly Agree
Agree
Neither Agree nor Disagree
Disagree
Strongly Disagree
Not Applicable
Acronyms used properly and listed?
Strongly Agree
Agree
Neither Agree nor Disagree
Disagree
Strongly Disagree
Not Applicable
Figures and Tables (Clearly labeled and professional looking, referenced in the text and
explained)
Strongly Agree
Agree
Neither Agree nor Disagree
Disagree
Strongly Disagree
Not Applicable
Are paragraphs of right length (not too long or too short)?
Strongly Agree
Agree
Neither Agree nor Disagree
Disagree
Strongly Disagree
Not Applicable
Did the writer use subheadings well to clarify the sections of the text?
Strongly Agree
Agree
Neither Agree nor Disagree
Disagree
Strongly Disagree
Not Applicable
Was the material ordered in a way that was logical, clear, and easy to follow?
Strongly Agree
Agree
Neither Agree nor Disagree
Disagree
Strongly Disagree
Not Applicable
Is there any portion of the text that could be omitted?
Strongly Agree
Agree
Neither Agree nor Disagree
Disagree
Strongly Disagree
Not Applicable
Does the summary point out the key results?
Strongly Agree
Agree
Neither Agree nor Disagree
Disagree
Strongly Disagree
Not Applicable
Copyright violations in text, figures, or tables?
Strongly Agree
Agree
Neither Agree nor Disagree
Disagree
Strongly Disagree
Not Applicable
Number of Grammar, Spelling, Punctuation errors (Please mark on the paper)
Strongly Agree
Agree
Neither Agree nor Disagree
Disagree
Strongly Disagree
Not Applicable
Is the quality good enough for publication in IEEE Magazine?
Strongly Agree
Agree
Neither Agree nor Disagree
Disagree
Strongly Disagree
Not Applicable
What did you like about the paper?
Suggestions for improving the Paper (At least 3):
Student id- 911
Survey of Network Security Measures
Abstract
Many computer networks, especially those belonging to big organizations and financial
institutions are always under the threats of being compromised as the frequency of cyber-attacks
increase greatly. The fact that networks are open for use by multiple parties usually increase the
vulnerability of networks. Companies must, therefore, undertake various measures to secure their
systems so as to secure their data and keep their systems running in the intended capacity. The
methods that can be used to secure these networks include, but not limited to; SSH Keys,
Firewalls, VPNs and Private Networking, Isolated Execution Environments, File Auditing, and
Intrusion Detection systems, Service Auditing, and Public Key Infrastructure and SSL/TLS
Encryption. These security measures should always be implemented during the initial set up of a
network or systems or any upgrades as their effectiveness tend to decrease the longer that one
waits to implement them. Network security should, therefore, be taken as a priority, rather than
an afterthought when setting up networks.
Keywords: Network Security, Firewalls, SSH Keys, Network Administration
i
Table of contents
Contents
Survey of Network Security Measures ……………………………………………………………………………….. i
Table of contents …………………………………………………………………………………………………………….. ii
1.
Introduction …………………………………………………………………………………………………………….. 1
1.1.
Definitions ………………………………………………………………………………………………………… 1
2. Network Security Measures ………………………………………………………………………………………….. 2
2.1. SSH Keys …………………………………………………………………………………………………………….. 2
2.2. Firewalls ………………………………………………………………………………………………………………. 3
2.3. VPNs and Private Networking ………………………………………………………………………………… 4
2.4. Isolated Execution Environments…………………………………………………………………………….. 5
2.5. File Auditing and Intrusion Detection Systems …………………………………………………………. 6
2.6. Service Auditing ……………………………………………………………………………………………………. 8
2.7. Public Key Infrastructure and SSL/TLS Encryption ………………………………………………….. 9
3.
Summary…………………………………………………………………………………………………………………. 9
Works Cited …………………………………………………………………………………………………………………. 11
ii
1. Introduction
Intruders are always trying to gain access to computer networks and servers across America. The
assailants range from amateur hackers to the most sophisticated cyber-criminal networks like
state-sponsored hackers. Major companies can, therefore, face a lot of threats, mostly to the tune
of thousands daily. Even with companies responding with amplified and updated defenses, the
volume of the attacks is just too much, and this keeps the companies’ security team on their toes
at all times. This is especially true in organizations in which a single breach, no matter how
minor it is can create great consequences for business particularly if sensitive proprietary data or
financial data is lost or breached. Organizations have therefore responded to the challenging
climate by going beyond the outdated traditional model of network defense which tend to be
more passive, and adopting more aggressive methods mainly referred to as “enhanced network
security measures” (ENSM) (Pelker, 438). Some of the best methods of securing networks and
keeping them safe are discussed in depth in this paper.
1.1.Definitions
Network
A computer network can be defined as a collection of computing hardware devices including
computer systems, that have been linked together through various channels of communication to
facilitate efficient communication and sharing or resources among a wide range of users (Perez,
30). Due to the presence of multiple users in networks, the security of the entire networks
become compromised hence needing the utilization of additional security features to enhance the
levels of security in networks.
1
2. Network Security Measures
2.1. SSH Keys
SSH keys are pairs of cryptography-basedkeys that are usually used to authenticate the access to
an SSH server in place of the common password-based authentications. The use of this form of
authentication requires that public and private key pairs are created before the authentication
process. The private keys are usually kept secure and secret by the users while the public keys
are usually shared with any person. The process of configuration of SSH key authentication
requires that the user’s public key is placed on the server in special directories. Whenever users
connect to the server, they are required to prove to the server that they have the associated
private keys. The SSH clients, therefore, have to use their private keys to respond in ways that
prove that they own the private keys. The servers then let the clients connect without a password.
SSH keys, just like any other kinds or authentication like password-based authentication is
totally encrypted. However, whenever password logins are used, malicious users can attempt to
gain entry into the servers repeatedly (Justin). This is a great disadvantage in terms of security
due to the rise of automated systems that try to gain entry into servers repeatedly by trying
different combinations until they find the right password. Using SSH key authentication enables
the administrators of servers to disable password authentications hence minimizing the
possibility of a breach. Another feature of SSH keys that improves their security levels is that
they usually have a lot more bits of data compared to passwords, which means that there are a lot
more combinations of keys that attackers have to run through before gaining access to the
servers. Most SSH key algorithms have been deemed uncrackable by the modern computing
hardware due to the fact that they would need too much effort and time to exhaust all the
possible matches.
2
SSH keys are also advantageous in that they are usually very simple to set up. They are also
recommended as the way to access any Unix or Linus server environments remotely. It is easy to
generate pairs of SSH keys on one’s machine and transfer the public keys to the servers within a
very short time.
2.2. Firewalls
Firewalls are pieces of hardware or software that play the role of controlling the exposure of
services to networks. This means restricting or blocking access to all ports other than those that
are required to be available publicly. Servers usually run a number of services by default, which
can be categorized into three groups. The first group of services is the public services group
which anybody on the internet can access, often anonymously. One example of this is web
servers that can allow access to a site. The second group is the private services group whose
access is restricted to a select group of accounts that are authorized. The access to the services
can also be restricted to be accessed from a specific physical location. Good examples of this are
database control panels. The third group is the internal services groups that are only accessible
from inside the server itself, without any exposure to the outside environment. Examples of this
kind of servers are databases that can only allow local connections.
Firewalls can be highly effective in ensuring that access to software is restricted effectively in
accordance with the categories stated. Services that should be available to the public may be
made available and left open for all people while the private services may be restricted according
to various criteria as determined by owners of the servers. The server administrators can also
make the internal services to be completely restricted to the outside environments. Most
configurations block entirely the ports that are not in use.
3
Firewalls enhance server security in a great way and are therefore an essential part of the
configuration of any server. Firewalls should be used as extra layers of protection even if the
services themselves have their own security features or have been restricted to the specific
interfaces that they are intended to run on. Properly configured firewalls usually restrict the
access to all things except the specific services specified and allowed to remain open. Allowing
exposure to limited pieces if software goes a long way in reducing the attack surfaces of serves.
This limits the components that have been left vulnerable to exploitation.
Setting up firewalls is a relatively easy thing to do compared to some other security systems.
There is a wide variety of firewalls that can be used in Linux systems, some with steeper learning
and operations curves than the others. Generally, though, setting up most types of firewalls are
supposed to take a short time, usually several minutes, and the process is only required to happen
during the initial setup or the servers or whenever major changes are being done in the services
being offered by the machine. Some examples of firewalls are the UFW firewall, iptables, and
the CSF firewall.
2.3. VPNs and Private Networking
Private networks can be defined as those that are available only to certain chosen users or
servers. An example of this is those networks that enable servers to communicate privately, on in
an isolated manner. The communication can be done through the same account or within a single
team within a certain geographical region. Virtual private networks (VPNs) on the other hand,
are a way of creating safe and secure connections between computer remotely and present the
connections as if they were local private networks. This enables people to configure their
services as if they were offered in private networks and connect to servers remotely through the
use of secure connections.
4
VPNs and private networks are highly effective in ensuring security both to servers and to
individuals. Using private networking instead of a public one for internal communications is the
preferable choice of the two. To ensure maximum security; however, additional measures to
protect the communication between servicer in the same network should be implemented
because the users in the data centers have access to the same networks. Using VPNs is an
effective way of mapping out private networks that can only be seen by the services within the
network. This makes the communication to be secure and fully private. Some applications can be
set to channel their traffic over the virtual interfaces that are exposed by the VPN software. This
ensures that the services exposed on public networks are only those that are meant to be used by
the clients on the public internet (Justin).
Setting up and using private networks in data centers that have the capabilities of supporting
them is as easy as enabling the interfaces during the creation of the server and setting up the
firewall and applications to use the private networks. For VPNs, the first set up or configurations
are usually relatively involving and cumbersome, but this is in turn justified by the amount of
security that comes with the setup and configurations. Every single server on a virtual private
network is required to have the configuration data and shared security that is needed in
establishing the secure connections configured after installation. After the VPNs are set up and
running, applications should then be configured to channel their traffic through the VPN tunnel.
2.4. Isolated Execution Environments
Isolated execution environments are methods used to increase server security in which all the
individual components of the system are run in their own individual and dedicated spaces. This
means separating out the discrete components of the applications to their own individual servers.
This can also mean that the services can be configured to operate in containers, which are
5
generally referred to as choot environments. The levels of isolation obtained are usually heavily
reliant of the realities of the network infrastructure and the application requirements.
Isolating the processes of a network into individual environments of execution raises the ability
to isolate successfully, any security breaches or problems that may arise. This security
measurement also hinders deep penetration into the network by intruders by limiting their access
to certain pieces of the network infrastructure. The process of isolating individual applications or
components is relatively simple according to the types of containment chosen. One can achieve
some measure of isolation by packaging the individual components of the system into containers.
Putting in place a choot environment for all individual pieces can as well provide a certain level
of isolation. This is however not a foolproof way of isolation since there are a lot of proven ways
of getting out of choot environments to achieve deeper and more advanced levels of penetration
into a machine or network. The best method of isolation is moving the components of a network
or system into dedicated machines. This method may also be the easiest in most cases, but it also
comes with an additional cost of buying the additional machines.
2.5. File Auditing and Intrusion Detection Systems
File auditing can be defined as the process of making a comparison of the current systems
against records of files and file characteristics inherent in systems when they are in known good
states. This method is used to identify changes authorized and made to the system. An example
of a tool that can be used for this is an IDS, known as an intrusion detection system in full. IDSs
are pieces of software that keep monitoring networks or systems for any unauthorized activities.
Most of the host-based IDS systems usually use file auditing as methods of checking any
changes that might have been made to the system.
6
Performing file-level auditing procedures on all systems are important in ensuring that the
systems are secure. This can be done regularly by the human administrators of the networks or
can be carried out by the system itself as part of automated processes in an IDS. These measures
are some of the most reliable methods to be absolutely sure that the file system in a network is
intact and free from any alterations by some processor users. Most of the time, intruders usually
prefer to remain under the radar so they can continue with their exploitation of the servers for
extended periods of time. Some may even go to the extent of replacing binaries with other
compromised versions of the code. Carrying out audits of the file systems can tell if any file has
been tampered with. This allows the administrators or owners of server environments to be
confident in the safety and integrity of their servers.
The implementation of IDS systems of the conduction of file audit processes often tends to be
quite intensive processes. The initial configuratio …
Purchase answer to see full
attachment

Order your essay today and save 10% with the discount code ESSAYHSELP