Assignment 2: LASA 1: Analyzing and Preventing Network Attacks
Consider the following scenario:
You work for a large online retailer that specializes in selling fishing equipment. This company has the majority of the market share for online fishing equipment sales and receives thousands of hits on its website every day.
Recently, three disgruntled employees were dismissed from the company. Later, the company noticed that the company web servers were being overwhelmed with bogus connections and web requests during peak utilization hours. Management suspects that one or more of these employees may be initiating distributed denial-of-service (DDoS) attacks to disrupt company operations and sales.
As the senior network specialist, you have been asked to analyze these attacks, recommend methods to enhance security to prevent future attacks, and describe how enhanced authentication can increase security.
Tasks:
Part I: Create a 3-page report on the following aspects:
- Create an After-Action Report for management that describes how this type of attack could have occurred.
- Analyze and explain how using specific industry best practices can protect the company network.
- Determine and explain security measures, in detail, that you would recommend to enhance security.
- Include how cryptography and authentication can support security.
Part II: Overview to Management (approximately 3 pages)
In Part I of this assignment, you provided a background about how the DDoS attack occurred and also described how industry best practices could help prevent future attacks. Assume that the online retailer is using Internet Information Services (IIS) 7.5 on Windows Server 2008 R2.
- Create a memo to management recommending specific enhancements to improve security on the Windows Server 2008 web server.
- Describe the common vulnerabilities of IIS 7.5.
- Describe the countermeasures to DDoS using Window native technologies or services.
- Recommend security enhancements or software to lockdown the web server.
Your final report will be in a Microsoft Word document and be approximately 5–7 pages in length; utilize two scholarly sources in your research. Your paper should be written in a clear, concise, and organized manner; demonstrate ethical scholarship in accurate representation and attribution of sources; and display accurate spelling, grammar, and punctuation.
Submission Details:
- Save the document as M3_A2_Lastname_Firstname.doc.
- By Wednesday, June 15, 2016, submit your document to the M3 Assignment 2 LASA 1 Dropbox.
LASA 1 Grading Criteria and Rubric
All LASAs in this course will be graded using a rubric. This assignment is worth 200 points. Download the rubric and carefully read it to understand the expectations.
| Assignment 2 Grading Criteria | Maximum Points |
| Created an After-Action Report to include how the attack occurred and explaining industry best practices to protect the network. | 60 |
| Created an After-Action Report to also include explanation of security measures and how cryptography and authentication can support security. | 60 |
| Created a memo to management recommending specific enhancements to improve security on the Windows Server 2008 web server. | 36 |
Writing components:
| 44 |
| Total: | 200 |