MIS 5214 - Section 001 - David Lanter
February 3, 2022 by Jose Gomez 27 Comments
Kelly Sharadin says
February 4, 2022 at 1:58 pm
Cloud environments can reduce network visibility compared to on-premise networks. I have been working on an Azure networking project and it's eye-opening how much collecting that information will cost the client. To that end, do you think cloud environments make network security more or less difficult?
Lauren Deinhardt says
February 6, 2022 at 10:01 pm
I really think that this depends on the type of service deployed. For instance, a SaaS cloud platform might have more managed security than an IaaS would (i.e. MSFT O365, depending on the package, can include Windows Defender and other security measures that an IaaS might not). Overall, I do believe that many cloud platforms offer functional means of creating a secure environment.
zijian ou says
February 5, 2022 at 7:15 am
What steps can be taken to prevent distributed denial of service attacks (DDoS)?
February 6, 2022 at 10:23 am
There are a couple of mitigations organizations can put in place to prevent DDoS attacks. First and foremost, understanding what normal network traffic looks like can help network engineers filter malicious traffic. Organizations should use load balancers to help offset spikes in traffic to prevent the server from being taken offline during a DDoS attack. If the infrastructure is hosted with a cloud provider, utilize their services for DDoS protection and review any SLAs regarding DDoS protection. Lastly, if the organization has the security maturity to do so, implementing deception techniques like honeypots to direct malicious attackers to decoy resources can help defenders respond without being actively targeted.
kofi bonsu says
February 8, 2022 at 8:24 am
I believe an organization can help avoid a distributed denial-of-service attack by doing the following: Creating a strategy for dealing with denials of service. Securing the resources of the network. Filtering firewalls and routers at the network’s edge to detect and block DDoS links.
Madalyn Stiverson says
February 8, 2022 at 9:31 am
In addition to what Kelly and Kofi mentioned, there are a few additional things you can track and implement. You can track and block requests coming from a single IP or IP range. You should track your normal network traffic and respond to any abnormal traffic. You can also increase your bandwidth, as it will increase your resilience to DDoS attacks. Cloud-based networks naturally have larger bandwidth.
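An added example, not part of any comment in this thread: one way to implement the tracking described in the replies above, by learning a per-minute baseline from normal traffic and then flagging single IPs and /24 ranges that exceed it. The event format, the thresholds (`k`, `floor`) and all addresses (documentation ranges) are constructed assumptions.

```python
import ipaddress
import statistics
from collections import Counter

# Constructed sample: (epoch_second, source_ip) pairs standing in for parsed
# access-log lines. Addresses are from the RFC 5737 documentation ranges.
def build_sample():
    events = []
    # Baseline: 5 minutes of normal traffic, 3 clients, 1 request per 10 s each.
    for t in range(0, 300, 10):
        for ip in ("192.0.2.10", "192.0.2.77", "198.51.100.5"):
            events.append((t, ip))
    # Inspected minute (seconds 300-359): two normal clients continue...
    for t in range(300, 360, 10):
        for ip in ("192.0.2.10", "198.51.100.5"):
            events.append((t, ip))
    # ...plus one loud host, and 40 hosts in one /24 that are each quiet.
    events += [(300 + i % 60, "198.51.100.200") for i in range(120)]
    events += [(300 + i % 60, f"203.0.113.{i % 40 + 1}") for i in range(200)]
    return events

def net24(ip):
    return str(ipaddress.ip_network(f"{ip}/24", strict=False))

def threshold(events, start, end, key, k=3.0, floor=20):
    """Limit per key per minute: baseline mean + k*stdev, never below floor."""
    per_minute = {}
    for t, ip in events:
        if start <= t < end:
            per_minute.setdefault(t // 60, Counter())[key(ip)] += 1
    counts = [c for bucket in per_minute.values() for c in bucket.values()]
    return max(floor, statistics.mean(counts) + k * statistics.pstdev(counts))

def flag(events, base=(0, 300), window=(300, 360)):
    """Return (IPs to block, /24 ranges to block) for the inspected minute."""
    recent = [ip for t, ip in events if window[0] <= t < window[1]]
    ip_limit = threshold(events, *base, key=lambda ip: ip)
    bad_ips = {ip for ip, n in Counter(recent).items() if n > ip_limit}
    # Count ranges only over IPs not already flagged, so one loud host does
    # not get its neighbours' whole /24 blocked.
    net_limit = threshold(events, *base, key=net24)
    nets = Counter(net24(ip) for ip in recent if ip not in bad_ips)
    bad_nets = {n for n, c in nets.items() if c > net_limit}
    return sorted(bad_ips), sorted(bad_nets)

if __name__ == "__main__":
    ips, ranges = flag(build_sample())
    print("block single IPs:", ips, "| block ranges:", ranges)
```

The 203.0.113.0/24 hosts send only 5 requests each, so per-IP tracking alone misses them; the range counter is what catches the distributed case.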
February 5, 2022 at 9:57 am
What are the pros and cons to a wholly cloud based infrastructure? Is this feasible for small businesses to implement?
Vraj Patel says
February 7, 2022 at 7:44 pm
One of the pros of using a cloud-based infrastructure is the availability of that system. The system on the cloud could be easily accessible from anywhere. One of the cons would be that as it’s online it could be accessible by anyone. As a result it would need to be properly secured.
Andrew Nguyen says
February 5, 2022 at 7:41 pm
One question that I would like to ask my classmates based off this week's readings would be:
How does using a cloud infrastructure help prevent/mitigate DDoS attacks?
Michael Jordan says
February 9, 2022 at 12:23 am
I would think that using a cloud infrastructure could help prevent DDoS attacks because cloud providers are connected to so many organizations that they inherently have more responsibility than most companies to make their services as secure as possible. Using an IaaS may create more responsibility for the purchasing organization, but there could still be flaws in the CSP network that could grant access to back-end cloud storage, connected networks, and more (hopefully not).
I think using a cloud infrastructure could help mitigate attempted attacks because the network bandwidth would be larger and would require more traffic to disrupt, boosting the availability of the network, but not making it invincible.
With that being said, I would also think CSPs receive among the highest volume of attempted attacks due to the volume of storage and interconnectivity they hold, so there is some trade-off.
February 6, 2022 at 6:23 am
One question that I will be happy to discuss with my classmates is: explain what is meant by a certification authority and the role of a digital certificate as far as security is concerned.
Patrick Jurgelewicz says
February 8, 2022 at 11:48 am
Hey Kofi, a certification authority is “an entity entrusted to issue certificates that assert that the recipient individual, computer, or organization requesting the certificate fulfills the conditions of an established policy”. Basically, they are trusted parties that validate a host’s identity so end users don’t have to. A digital certificate is the digitally signed statement that contains the information about an entity and the entity’s public key.
Antonio Cozza says
February 6, 2022 at 6:43 pm
As cybersecurity professionals, how do you view and do you purchase IoT / “smart” devices when these are notoriously insecure, unpatched, and are the easiest method of adding zombies into a botnet for an attacker to control with a c2 server and enact a DoS attack?
February 8, 2022 at 9:25 am
For me, it’s a tradeoff of an additional potential attack vector vs convenience. When I hook up a smart light switch in my house, I make sure to change the default password to something strong and unique. Ideally, you’d also do regular firmware updates and make sure someone can’t use the light switch as a stepping stone into your network. I would be hesitant to install locks and garage openers that are connected to the internet, as a vulnerability in those could grant access to the house.
February 6, 2022 at 7:17 pm
What mitigation steps can be taken once the DDoS attack is identified?
Victoria Zak says
February 7, 2022 at 8:43 pm
In the article we read for this week, there are many mitigation steps an organization can take once a DDoS attack is identified. One is to identify statistical patterns and compare them with live traffic. Another way is to set up dummy servers with maximum vulnerabilities that are exposed to the hackers as legitimate servers, known as honeypots. Additionally, aggressive caching can be utilized. With aggressive caching, webpages are stored as separate HTML files, and when users request these pages, the HTML files are presented to them instead of the time/CPU resource-consuming database queries. This enables the servers to handle more requests per second, and hence the smaller DDoS attacks can be fended off.
February 6, 2022 at 7:30 pm
How long do DDoS attacks last and what are the different types?
Dhaval Patel says
February 6, 2022 at 7:36 pm
Do you think it is easier to stop/prevent DDoS attacks that occur on cloud environments or an on-prem environment/hybrid model?
February 8, 2022 at 11:12 am
Hey Dhaval, I believe one of the best ways to mitigate DDoS attacks is to enable auto-scaling within the server and to load-balance and direct traffic as needed as new instances come online to deal with the incoming traffic. I believe this can be best done on cloud environments as typically additional scaling can be provided as needed, then the company can pay later.
February 6, 2022 at 9:31 pm
How do the security goals of a network differ from the typical CIA triad used for most information types?
What are the 5 essential characteristics of a cloud computing environment?
Dan Xu says
February 6, 2022 at 11:04 pm
What are the disadvantages of cloud computing and how can they be prevented?
Olayinka Lucas says
February 6, 2022 at 11:47 pm
As an Information Technology Auditor, what would be the most critical risks to identify for mitigation when auditing a Cloud Service Provider (CSP)?
February 9, 2022 at 12:14 am
I would think that auditing a CSP is one of the hardest and most thorough audits that an IT auditor would have to conduct. Cloud service providers even service some government agencies, which would be (in my opinion) some of the most nerve-racking systems to audit, so CSPs are just as critical.
I think that the largest critical risks to identify would be within the SaaS and PaaS services, because the IaaS service leaves more responsibility for the purchaser of the service in regards to security (but could still have critical flaws). The most critical risks to identify for mitigation would be within the most widespread services – for example, O365 (there was a huge Outlook breach in which over 20,000 organizations were affected (https://venturebeat.com/2021/03/08/white-house-warns-of-active-threat-following-microsoft-outlook-breach/)), Salesforce, and many more.
TLDR: The most critical risks to identify would be the ones that could grant access to the most systems with the highest security categorizations.
February 6, 2022 at 11:56 pm
Would you guys also consider the Titan computing cluster from the case study to be a cloud? Is the phrase “computing cluster” a synonym for a cloud?
February 8, 2022 at 9:20 am
The Titan cluster was accessible via internet after submitting your login information. It included both databases to store your information and additional computational power for the scientists to use in their experiments. I would consider this a community cloud, as defined in the NIST 800 145 reading for this week.
February 9, 2022 at 12:04 am
I would consider it a cloud too. I think that in some cases, the word “cloud” is synonymous with the word “cluster”, but I did not want to overstep my knowledge and say that they are always synonyms. I am glad that you agree that the Titan cluster was a cloud. Thanks for your response!