Introduction to Packet Capture and Intrusion Detection Prevention Systems

You are a network analyst on the fly-away team for the FBI’s cybersecurity sector engagement division. You’ve been deployed several times to financial institutions to examine their networks after cyberattacks, ranging from intrusions and data exfiltration to distributed denial of services to their network supporting customer transaction websites. A representative from the Financial Services Information Sharing and Analysis Center, FS-ISAC, met with your boss, the chief net defense liaison to the financial services sector, about recent reports of intrusions into the networks of banks and their consortium.

He’s provided some of the details of the reports in an email. “Millions of files were compromised, and financial officials want to know who entered the networks and what happened to the information. At the same time, the FS-ISAC has seen extensive distributed denial of service disrupting the bank’s networks, impacting the customer websites, and blocking millions of dollars of potential transactions,” his email reads.

You realize that the impact from these attacks could cause the downfall of many banks and ultimately create a strain on the US economy. In the email, your chief asks you to travel to one of the banks and using your suite of network monitoring and intrusion detection tools, produce two documents—a report to the FBI and FS-ISAC that contains the information you observed on the network and a joint network defense bulletin to all the banks in the FS-ISAC consortium, recommending prevention methods and remediation against the types of malicious traffic activity that they may face or are facing.

Network traffic analysis and monitoring help to distinguish legitimate traffic from malicious traffic. Network administrators must protect networks from intrusions. This can be done using tools and techniques that use past traffic data to determine what should be allowed and what should be blocked. In the face of constantly evolving threats to networks, network administrators must ensure their intrusion detection and prevention systems are able to analyze, monitor, and even prevent these advanced threats.

In this project, you will research network intrusion and prevention systems and understand their use in a network environment. You will also use monitoring and analysis technologies in the Workspace to compile a Malicious Network Activity Report for financial institutions and a Joint Network Defense Bulletin for a financial services consortium.

The following are the deliverables for this project:

Deliverables

• Malicious Network Activity Report: An eight- to 10-page double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables, or citations.

• Joint Network Defense Bulletin: A one- to two-page double-spaced document.

Step 1: Create a Network Architecture Overview

You travel to the various bank locations and gain access to their networks. However, you must first understand the network architecture of these banks. 

Provide a network architecture overview along with diagrams. Your overview can be fictitious or based on an actual organization. The goal is to provide an understanding of the network architecture.

Describe the various data transmission components. Select the links below to review them:

1. User Datagram Protocol (UDP)

2. Transmission Control Protocol/Internet Protocol (TCP/IP)

3. Internet packets

4. IP address schemes

5. Well-known ports and applications

Address the meaning and relevance of information, such as:

a. The sender or source that transmits a message

b. The encoder used to code messages

c. The medium or channel that carries the message

d. The decoding mechanisms used

e. The receiver or destination of the messages

Describe:

a. The intrusion detection system (IDS)

b. The intrusion prevention system (IPS)

c. The firewalls that have been established

d. The link between the operating systems, the software, and the hardware components in the network, firewall, and IDS that make up the network defense implementation of the banks' networks

Identify:

a. How banks use firewalls

b. How banks use IDSs

c. The difference between these technologies

Include:

a. The network infrastructure information

b. The IP address schemes, including the IP address assignment model

c. The public and private addressing and address allocations

d. The potential risks in setting up the IP addressing scheme

Here are some resources to review:

• Intrusion detection & prevention (IDS/IPS) systems

• Firewalls

Identify:

a. Any well-known ports and applications that are used

b. The risks associated with those ports and applications being identified and possibly targeted

Add your overview to your report.

In the next step, you will identify network attacks and ways to monitor systems to prevent these attacks.

Step 2: Identify Network Attacks

In the previous step, you provided an overview of the network architecture. In this step, you will identify possible cyberattacks such as spoofing/cache poisoning, session hijacking, and man-in-the-middle attacks.

Provide techniques for monitoring these attacks using knowledge acquired in the previous step. Review the following resources to gain a better understanding of these particular cyberattacks:

• Session hijacking: spoofing/cache poisoning attacks

• Man-in-the-middle attacks

One way to monitor and learn about malicious activities on a network is to create honeypots.

Propose a honeypot environment to lure hackers to the network and include the following in your proposal:

a. Describe a honeypot.

b. Explain how a honeypot environment is set up.

c. Explain the security and protection mechanisms a bank would need for a honeypot.

d. Discuss some network traffic indicators that will tell you that your honeypot trap is working.

Include this information in your final report. However, do not include this information in the bulletin to prevent hackers from being alerted about these defenses.

Then, continue to the next step, where you will identify false negatives and positives.

Step 3: Identify False Negatives and False Positives

You just identified possible information security attacks. Now, identify the risks to network traffic analysis and remediation. Review the resources on false positives and false negatives and discuss the following:

a. Identify what false positives and false negatives are.

b. How are false positives and false negatives determined?

c. How are false positives and false negatives tested?

d. Which is riskier to the health of the network, a false positive or a false negative?

Describe your analysis of testing for false negatives and false positives using tools such as IDSs and firewalls, and include these findings as recommendations for the banks in your public service Joint Network Defense Bulletin.

Discuss the concept of performing statistical analysis of false positives and false negatives.

Explain how banks can reduce these issues.

Research possible ways to reduce these events and include this information as recommendations in the Malicious Network Activity Report.
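As an added illustration of the statistical analysis asked for above (this script is not part of the assignment text): it takes a constructed sample of flows that an analyst has labelled after investigation, compares the labels with the IDS's alerts, and computes the false-positive rate, false-negative rate and alert precision; the last function shows why a signature with a low false-positive rate still produces mostly false alerts when intrusions are a small share of traffic. The hosts, flows and rates are made up.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Flow:
    """One observed connection, labelled after investigation (constructed sample data)."""
    src: str
    dst: str
    malicious: bool   # ground truth established by the analyst
    alerted: bool     # whether the IDS raised an alert on it


# Constructed sample: 2 intrusions and 8 benign flows, as an IDS with one weak
# signature might see them. Addresses are placeholders, not real hosts.
SAMPLE_FLOWS = [
    Flow("10.0.0.5", "10.0.1.20", malicious=True, alerted=True),    # true positive
    Flow("10.0.0.6", "10.0.1.20", malicious=True, alerted=False),   # false negative
    Flow("10.0.0.7", "10.0.1.21", malicious=False, alerted=True),   # false positive
    Flow("10.0.0.8", "10.0.1.21", malicious=False, alerted=True),   # false positive
] + [Flow(f"10.0.0.{n}", "10.0.1.22", malicious=False, alerted=False) for n in range(9, 15)]


def confusion_matrix(flows):
    """Count TP, FP, FN, TN by comparing IDS verdicts with ground truth."""
    tp = sum(1 for f in flows if f.malicious and f.alerted)
    fp = sum(1 for f in flows if not f.malicious and f.alerted)
    fn = sum(1 for f in flows if f.malicious and not f.alerted)
    tn = sum(1 for f in flows if not f.malicious and not f.alerted)
    return tp, fp, fn, tn


def error_rates(flows):
    """False-positive rate, false-negative rate and alert precision for a labelled sample."""
    tp, fp, fn, tn = confusion_matrix(flows)
    fpr = fp / (fp + tn) if fp + tn else 0.0        # benign flows wrongly alerted
    fnr = fn / (fn + tp) if fn + tp else 0.0        # intrusions silently missed
    precision = tp / (tp + fp) if tp + fp else 0.0  # alerts that were real
    return {"fpr": fpr, "fnr": fnr, "precision": precision}


def alert_precision(base_rate, tpr, fpr):
    """Fraction of alerts that are real intrusions when intrusions are rare (Bayes' rule)."""
    hits = base_rate * tpr            # malicious traffic the signature catches
    noise = (1.0 - base_rate) * fpr   # benign traffic the signature flags
    return hits / (hits + noise)


if __name__ == "__main__":
    print(confusion_matrix(SAMPLE_FLOWS))   # (1, 2, 1, 6)
    print(error_rates(SAMPLE_FLOWS))        # fpr 0.25, fnr 0.5, precision 1/3
    # A signature catching 99% of attacks at a 2% false-positive rate still yields
    # mostly false alerts when only 1% of traffic is malicious:
    print(alert_precision(0.01, 0.99, 0.02))   # about 0.333
```

Feeding the functions a larger labelled capture (for example, flows reconstructed from a Wireshark export and matched against Snort alerts) gives the bank a measured false-positive and false-negative rate per signature rather than a guess.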

Network intrusion analysis is often done with a tool such as Snort. Snort is a free and open-source intrusion detection/prevention system. It is used to detect and prevent malicious traffic and attacks on networks, as well as for analysis and education. Traffic identified as malicious can be used to design signatures for the IDS and to configure the IDS to block that known bad traffic.

Network traffic analysis is often done using tools such as Wireshark. Wireshark is a free and open-source packet analyzer. It is used for network troubleshooting, analysis, software and communications protocol development, and education. Cybersecurity professionals must know how to perform network forensics analysis.

In the next step, you will analyze network traffic.

Step 5: Determine Sensitivity of Your Analysis

In the previous step, you completed network analysis. In this step, you will determine which information to include in which document.

Information appropriate for internal consumption may not be appropriate for public consumption. The Joint Network Defense Bulletin may alert criminals of the network defense strategy. Therefore, be careful about what you include in this bulletin.

Once you have assessed the sensitivity of the information, include appropriate information in your Malicious Network Activity Report.

Then, include appropriate information in the Joint Network Defense Bulletin in a way that educates the financial services consortium of the threat and the mitigating activities necessary to protect against that threat.

Step 6: Explain Other Detection Tools and Techniques

In the previous step, you included appropriate information in the proper document. In this step, perform independent research and briefly discuss what other tools and techniques may be used to detect these signatures.

Provide enough detail so that a bank network administrator could follow your explanation to deploy your system in production. Include this information in the Joint Network Defense Bulletin.

Next, move to the next step, where you will organize and complete your report.

Step 7: Complete Malicious Network Activity Report

Now that you have gathered all the data for your Malicious Network Activity Report, it is time to organize and submit it. The following is a suggested outline:

1. Introduction: Describe the banking institution and the issue you will be examining.

2. Overview of the Network Architecture

3. Network Attacks

4. Network Traffic Analysis and Results

5. Other Detection Tools and Techniques

6. Recommended Remediation Strategies

Submit your report to the Assignments folder. You are now ready for the final step, the Joint Network Defense Bulletin.

Step 8: Create the Joint Network Defense Bulletin

In this step, you will create the Joint Network Defense Bulletin. Compile the information you have gathered, taking care to eliminate any sensitive bank-specific information. The Joint Network Defense Bulletin is an educational document for the financial services consortium. This bulletin should be addressed to the FBI chief and the FS-ISAC representative.

Here is a list of the final deliverables for Project 2.

Deliverables

• Malicious Network Activity Report: An eight- to 10-page double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables, or citations.

• Joint Network Defense Bulletin: A one- to two-page double-spaced document.
