Bad Network Activity Report
UMGC, CST 620
Contents
Bad Network Activity Report
Network Architecture
Cyber Attacks
Remediations
References
Bad Network Activity Report
There has been an intrusion on the network, and because of this, many banks may
have had their information or transactions compromised. An employee from the Financial
Information Sharing and Analysis Center has provided specific details, including
verification that millions of files were compromised. As the network analyst in the
cybersecurity sector, it is imperative to educate the banks about the data exfiltration,
intrusions, and distributed denial of service that have taken place and have put their
customers at grave risk through the information that was compromised, and about how to
protect against or prevent these things from happening in the future.
Network Architecture
When data transmission takes place, there are several transmission components, such
as TCP/IP, which is Transmission Control Protocol/Internet Protocol; UDP, which is User
Datagram Protocol; IP schemes; internet packets; and well-known ports and applications.
The TCP/IP suite can be extremely vulnerable to attacks such as connection hijacking,
IP spoofing, DNS spoofing, and denial of service. The vulnerability to these types of
attacks can be mitigated with defense mechanisms such as firewalls, vulnerability
scanners, intrusion detection systems, and several encryption techniques (Gangane, 2020).
TCP/IP is essentially a protocol suite: a compilation of communication protocols that
operate on several layers of the Open Systems Interconnection model. TCP/IP has a
five-layer model that describes how communication is transmitted between devices. The
layers in the model are the application, transport, network, data link, and physical
layers. The physical layer receives or sends a signal through the physical wires to
broadcast the bits found in a frame. The data link layer handles the frame, and at this
level, the data becomes organized. The network layer is where the data is transformed
into packets and is responsible for transmitting to a non-adjacent system. The transport
layer provides process-to-process delivery and can run several operations at the same
time, such as email and file transfer. The application layer is where new services and
protocols are developed, and this layer provides access to the other layers. User
Datagram Protocol creates a connection between applications that are running on a host
on the network, and it does not require a handshake before messages are sent. This
protocol is used when speed is valued more than the reliability of the transmission of
the packets.
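
The layer walk described above, as an added example that is not part of the original report: the Python below decodes a constructed Ethernet/IPv4 frame layer by layer, showing a UDP datagram that carries application data with no handshake next to a TCP segment that opens with SYN. The addresses, ports, port table, and the names `build_frame` and `decode_frame` are assumptions made for illustration.

```python
import struct

# Constructed subset of well-known ports for this example.
WELL_KNOWN = {25: "SMTP", 53: "DNS", 80: "HTTP", 443: "HTTPS"}

def build_frame(proto, sport, dport, payload=b""):
    """Build a constructed Ethernet/IPv4 sample frame (checksums left as zero)."""
    if proto == 17:  # UDP: 8-byte header, no connection state
        l4 = struct.pack("!HHHH", sport, dport, 8 + len(payload), 0)
    else:            # TCP: 20-byte header with only the SYN flag set
        l4 = struct.pack("!HHIIHHHH", sport, dport, 1000, 0, (5 << 12) | 0x02, 65535, 0, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4) + len(payload), 1, 0, 64,
                     proto, 0, bytes([192, 0, 2, 10]), bytes([198, 51, 100, 7]))
    return bytes(12) + struct.pack("!H", 0x0800) + ip + l4 + payload

def decode_frame(frame):
    """Peel data link, network and transport headers; return a summary dict."""
    # Data link layer: 14-byte Ethernet header, EtherType 0x0800 means IPv4.
    if len(frame) < 34 or struct.unpack("!H", frame[12:14])[0] != 0x0800:
        raise ValueError("not an Ethernet frame carrying IPv4")
    # Network layer: validate version, header length and total length before slicing.
    ip = frame[14:]
    ihl, total = (ip[0] & 0x0F) * 4, struct.unpack("!H", ip[2:4])[0]
    if ip[0] >> 4 != 4 or ihl < 20 or not ihl <= total <= len(ip):
        raise ValueError("malformed IPv4 header")
    seg = ip[ihl:total]
    out = {"src": ".".join(map(str, ip[12:16])), "dst": ".".join(map(str, ip[16:20]))}
    # Transport layer: UDP has a fixed header; TCP carries flags and a data offset.
    if ip[9] == 17 and len(seg) >= 8:
        out.update(transport="UDP", syn=False, hdr=8)
    elif ip[9] == 6 and len(seg) >= 20 and 20 <= (seg[12] >> 4) * 4 <= len(seg):
        out.update(transport="TCP", syn=bool(seg[13] & 0x02), hdr=(seg[12] >> 4) * 4)
    else:
        raise ValueError("unsupported or truncated transport header")
    sport, dport = struct.unpack("!HH", seg[:4])
    out.update(sport=sport, dport=dport, service=WELL_KNOWN.get(dport, "unknown"))
    # Application layer: whatever follows the transport header.
    out["payload"] = seg[out.pop("hdr"):]
    return out

if __name__ == "__main__":
    for f in (build_frame(17, 40000, 53, b"query"), build_frame(6, 40001, 443)):
        print(decode_frame(f))
```

The length checks at each layer matter for monitoring tools: a decoder that trusts the header's own length fields on truncated or malformed traffic will misreport what it saw.
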
UDP is typically used for services like live conferences or video games
(GeeksforGeeks, 2019). An internet packet is data flowing from the origin address to the
desired destination address within a packet-switched network or the internet. The size of
these packets determines the security or integrity of the packet because if several
small packets of data are sent instead of one large packet, this increases the chances of
all of them arriving at their destination in order. An IP address scheme allows devices on the