Task 1: Investigation tools and techniques:
Many different tools and techniques are used within an organization to maintain the safety and security of its information systems. Below are some basic investigation tools and techniques used to assess the organization's cybersecurity and to protect its information, physical security alarms, data and assets. Software companies help to increase system security by using penetration testing utilities and automated ethical hacking tools, which provide additional safety features and benefits to the company (Securitytrails, 2018). These tools include:
1. Canvas: the main features of Canvas include escalating privileges to gain administrator access, modifying files inside the system, downloading passwords, taking screenshots of the remote system, targeting a selected geographic region, remote network exploitation and targeting different kinds of systems. Supported platforms include Windows, Mac OS X and Linux.
2. Ettercap: on LAN networks, Ettercap works as a packet sniffer and interceptor; it is also used for scanning different protocols. Its main features include DNS hijacking, the ability to kill established LAN connections, determining the OS name and version, support for many protocols including HTTP, SNMP, NFS, LDAP and MySQL, extensibility through plugins, sniffing of remote traffic over a GRE tunnel, handling of encryption-based protocols such as SSH and HTTPS, establishing connections with data injection, filtering of MAC and ARP addresses by source and destination IP, and active and passive protocol analysis.
3. Aircrack-ng: this Wi-Fi security tool is suited to corporate security investigations as well as home use. It works by capturing network traffic and provides complete support for 802.11 WEP and WPA-PSK networks, analysing the captured information to test whether access to the Wi-Fi network can be cracked.
4. Maltego: when performing the first analysis of the targets, this is the ideal tool for data reconnaissance and intelligence gathering. It is used to investigate the correlation between internet-based infrastructure and works with online resources that include online APT services, geolocation services, social network search engines, DNS records and whois data. It identifies social network profiles, organizations, companies, email addresses, phone numbers, names and people, and makes use of the correlations between them. (Guru99, 2019)
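Ettercap's LAN interception works at the ARP level, so the defender's side of the same technique is to watch the ARP table for a trusted address (typically the gateway) suddenly resolving to a different MAC, or one MAC claiming several IPs. The following Python script is an added example written for this page; it is not code from the assignment or from any of the cited sources. The ARP snapshots and the MAC/IP values are constructed for the demonstration, the `arp -a` output format is assumed, and the trusted baseline is something an administrator would record from a known-clean network.

```python
"""Added example (not from the assignment): detecting ARP-based interception on a LAN.

Tools such as Ettercap intercept LAN traffic by answering ARP requests with
their own MAC address, so the gateway's IP suddenly resolves to a different MAC
or one MAC claims several IPs. This script checks ARP-table snapshots (in the
`? (ip) at mac ...` form printed by `arp -a`) against a trusted baseline.
The snapshots below are constructed sample data, not captured traffic.
"""
import re
from collections import defaultdict

# Constructed baseline: the MAC addresses the administrator knows are correct.
TRUSTED = {
    "192.168.1.1": "aa:bb:cc:00:00:01",   # default gateway (hypothetical)
    "192.168.1.10": "aa:bb:cc:00:00:10",  # file server (hypothetical)
}

ARP_LINE = re.compile(r"\((?P<ip>\d+\.\d+\.\d+\.\d+)\) at (?P<mac>[0-9a-f:]{17})", re.I)

def parse_arp_table(text):
    """Parse `arp -a` style lines into {ip: mac}. Lines that do not match are ignored."""
    table = {}
    for line in text.splitlines():
        m = ARP_LINE.search(line)
        if m:
            table[m.group("ip")] = m.group("mac").lower()
    return table

def find_arp_anomalies(table, trusted=TRUSTED):
    """Return alert strings for trusted IPs whose MAC changed and for MACs claiming several IPs."""
    alerts = []
    for ip, mac in trusted.items():
        seen = table.get(ip)
        if seen is not None and seen != mac:
            alerts.append(f"{ip}: expected {mac}, table shows {seen}")
    by_mac = defaultdict(list)
    for ip, mac in table.items():
        by_mac[mac].append(ip)
    for mac, ips in by_mac.items():
        if len(ips) > 1:
            alerts.append(f"{mac} claims {len(ips)} addresses: {', '.join(sorted(ips))}")
    return alerts

# Constructed snapshots: a clean table, then one where the gateway's IP
# has been taken over by the MAC of another host on the LAN.
CLEAN_SNAPSHOT = """\
? (192.168.1.1) at aa:bb:cc:00:00:01 on en0 ifscope [ethernet]
? (192.168.1.10) at aa:bb:cc:00:00:10 on en0 ifscope [ethernet]
? (192.168.1.25) at aa:bb:cc:00:00:25 on en0 ifscope [ethernet]
"""

SPOOFED_SNAPSHOT = """\
? (192.168.1.1) at aa:bb:cc:00:00:25 on en0 ifscope [ethernet]
? (192.168.1.10) at aa:bb:cc:00:00:10 on en0 ifscope [ethernet]
? (192.168.1.25) at aa:bb:cc:00:00:25 on en0 ifscope [ethernet]
"""

if __name__ == "__main__":
    for name, snap in (("clean", CLEAN_SNAPSHOT), ("spoofed", SPOOFED_SNAPSHOT)):
        alerts = find_arp_anomalies(parse_arp_table(snap))
        print(name, "->", alerts or "no anomalies")
```

Run periodically against the live ARP table, the two checks give a cheap early warning that LAN traffic is being redirected; static ARP entries for the gateway or switch-side dynamic ARP inspection are the corresponding preventive controls.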
List of threats that affect the security of the organization:

| Physical or non-physical | Threat | Loss | Countermeasures |
|---|---|---|---|
| Physical | Internal threats, including fire | All equipment and premises are affected and damaged by fire | Install fire alarms and CCTV cameras to cover all areas |
| Physical (external) | The computer system must be protected from all kinds of external attack | Lightning damages the computer system | A protection system reduces the chance of damage to computers |
| Physical (human) | Equipment and hardware such as computer systems and internet devices | Theft by an unauthorized person | Locked doors and a password at the entrance must be considered, and cameras installed |
| Non-physical | Malware: performs tasks or activities on the target network and runs additional files | Corrupts the data and hangs the system | Install antivirus software to overcome this threat |
| Non-physical | Phishing: sends email-borne attacks that affect the information in the account | Discloses confidential information and secret mail | Install security software and never open random emails |
| Non-physical | Man-in-the-middle attack: plays the role of a middle man in the communication between two people through the system | Damages privacy and delivers wrong or altered information | Have the sender and receiver communicate directly and add security locks on the communication endpoints |
| Non-physical | Trojan: damages information and deploys malicious code | All information is damaged and lost | Strong antivirus must be in place to overcome this attack |
| Non-physical | Ransomware: captures personal or private information and demands a ransom to reopen the files | Damages data on a large scale and affects large information systems | Confirmation messages and a system loaded with antivirus for such attacks |
| Non-physical | Attacks on IoT devices: hacking IoT devices and stealing information from them | Secure data stored on IoT devices is stolen and unauthorized access occurs | Safety checks and balances must be maintained before access to these devices is granted |
| Non-physical | Data breaches: directly attack highly secure data belonging to an institution | Data and information about sensitive areas is obtained | High-security alerts and antivirus software must be in place to protect the data |

(Geeksforgeeks, 2019)
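The man-in-the-middle row above names "security locks on the communication endpoints" as the countermeasure against altered information. One concrete lock is a message authentication code: both endpoints share a secret, the sender tags every message, and the receiver rejects anything whose tag no longer matches. The Python below is an added example written for this page, not code from the assignment or its sources; the shared key, the message and the simulated tampering are all constructed for the demonstration.

```python
"""Added example (not from the assignment): protecting a message exchange against
man-in-the-middle tampering with a message authentication code (HMAC-SHA256).

The sender frames each message as seq | body | tag, where the tag covers both the
sequence number and the body. The receiver recomputes the tag with the shared
key, so a message altered in transit (or replayed out of order) is rejected.
The key and messages below are constructed for the demonstration.
"""
import hmac
import hashlib
import secrets

TAG_LEN = 32  # SHA-256 digest length in bytes

def make_tagged_message(key: bytes, seq: int, body: bytes) -> bytes:
    """Return header(4 bytes) + body + HMAC tag over header and body."""
    header = seq.to_bytes(4, "big")
    tag = hmac.new(key, header + body, hashlib.sha256).digest()
    return header + body + tag

def verify_tagged_message(key: bytes, frame: bytes, expected_seq: int):
    """Return the body if the tag and sequence number check out, otherwise None."""
    if len(frame) < 4 + TAG_LEN:
        return None
    header, body, tag = frame[:4], frame[4:-TAG_LEN], frame[-TAG_LEN:]
    expected = hmac.new(key, header + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):   # constant-time comparison
        return None
    if int.from_bytes(header, "big") != expected_seq:
        return None                              # replayed or reordered message
    return body

def tamper(frame: bytes, old: bytes, new: bytes) -> bytes:
    """Simulate an interceptor changing the body while leaving the tag untouched."""
    return frame.replace(old, new)

def demo() -> dict:
    key = secrets.token_bytes(32)        # shared out of band by the two endpoints (constructed)
    frame = make_tagged_message(key, 1, b"transfer 100 to account 42")
    return {
        "genuine": verify_tagged_message(key, frame, 1),
        "modified": verify_tagged_message(key, tamper(frame, b"100", b"900"), 1),
        "replayed": verify_tagged_message(key, frame, 2),
    }

if __name__ == "__main__":
    for label, result in demo().items():
        print(f"{label}: {'accepted ' + result.decode() if result else 'rejected'}")
```

The tag gives integrity and origin authentication but not confidentiality; in practice the same goal is reached by running the connection over TLS, which combines encryption with per-record authentication.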
Task 2: Information security policy for management purposes:
Information security is an essential requirement for every organization. To handle different threats and attacks, the company and its management have to establish a strong security policy that includes different actions and the installation of software to maintain a protective layer over all data and equipment and to stop unauthorized access by hackers (Preyproject, 2020). Different measures to maintain the level of protection in the organization include:
1. Provide information: the organization and all its employees must be aware of the kinds of attack that can occur and of the causes behind them, so that they understand how to handle these attacks and can identify the classical attack methods, key attack targets and operating procedures. Every employee has to understand this information and take precautionary measures to avoid these threats, improve their performance and prevent any loss of data or equipment due to these threats.
2. Responses through legal means: different laws exist that penalize this kind of attack, but they cannot prevent it. Laws have been established that cover many types of attack and impose punishments for them. However, these laws are not very effective, because hackers do not take them seriously. Even so, they protect to some extent the organizations that implement them and provide an alternative remedy when an attack affects their privacy and data security.
3. Backups: many kinds of attack damage the whole information system and the complete data is lost, so it is very important to guard against such attacks by creating additional copies of all information or data and saving those copies in another place. This helps to recover lost data and provides a backup of all critical data as required. The copied data must be kept far from the original system so that it survives all kinds of damage and disaster. Disk storage is the preferred medium for keeping the copied data safe, and the complete system must be duplicated to maintain smooth operation.
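A backup policy is only useful if the copy is known to be intact before it is needed. The Python script below is an added example written for this page, not code from the assignment or its sources: it copies a directory tree to a separate location, records a SHA-256 digest of every file in a manifest, and re-verifies the copy against that manifest. The "original system" and "off-site location" are two temporary directories constructed for the demonstration; in practice the second would be a separate disk or host, as the policy above requires.

```python
"""Added example (not from the assignment): making an off-system backup copy and
proving it can be restored.

backup() copies the source tree and writes a manifest of SHA-256 digests;
verify_backup() reports files that are missing or no longer match, so a
damaged or incomplete backup is noticed before it is needed. All paths and
file contents below are constructed for the demonstration.
"""
import hashlib
import json
import shutil
import tempfile
from pathlib import Path

def sha256_of(path: Path) -> str:
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def build_manifest(root: Path) -> dict:
    """Map each file's path relative to root to its SHA-256 digest."""
    return {str(p.relative_to(root)): sha256_of(p)
            for p in sorted(root.rglob("*")) if p.is_file()}

def backup(source: Path, destination: Path) -> Path:
    """Copy source to destination/data and write destination/manifest.json."""
    shutil.copytree(source, destination / "data")
    manifest = build_manifest(source)
    (destination / "manifest.json").write_text(json.dumps(manifest, indent=2))
    return destination

def verify_backup(destination: Path) -> list:
    """Return a list of problems (missing or altered files); empty means the copy is intact."""
    expected = json.loads((destination / "manifest.json").read_text())
    actual = build_manifest(destination / "data")
    problems = []
    for rel, digest in expected.items():
        if rel not in actual:
            problems.append(f"missing: {rel}")
        elif actual[rel] != digest:
            problems.append(f"altered: {rel}")
    return problems

def demo() -> dict:
    """Back up a constructed directory, then damage one backup file and re-verify."""
    with tempfile.TemporaryDirectory() as tmp:
        original = Path(tmp) / "original_system"
        (original / "records").mkdir(parents=True)
        (original / "records" / "customers.csv").write_text("id,name\n1,Example Co\n")
        (original / "config.ini").write_text("[db]\nhost=localhost\n")

        copy = backup(original, Path(tmp) / "offsite_backup")
        before = verify_backup(copy)

        # Simulate damage to the copy (e.g. a corrupted or ransomware-encrypted file).
        (copy / "data" / "records" / "customers.csv").write_text("garbage")
        after = verify_backup(copy)
        return {"intact": before, "damaged": after}

if __name__ == "__main__":
    print(demo())
```

Storing the manifest somewhere the backup location cannot modify (or signing it) is what makes the check meaningful against ransomware that reaches the backup itself; the script keeps it beside the data only to stay self-contained.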
4. Patches: when a flaw is found in any software, fix it quickly and look for a better solution, because hackers normally attack the flaws in systems. Service packs, security updates and patches are provided by the manufacturer to bring the software up to date and cover its flaws in the most effective way. The software vendor's website should be consulted for up-to-date information, and the reported flaws should be reviewed and patched. Newly released software is not preferable, because its manufacturer has not yet covered its flaws and has not found an effective solution to the problem.
5. Access control: in cyberspace, automated access control is very important, and it normally works through a password. By using the password, the user can log on and use the information and resources. Individuals or groups of people can be given access, and the password criteria can be applied separately to allow them to read, write or execute resources according to their requirements. A firewall is used in computer systems to restrict unwanted traffic, run the network in a simple way and enforce the communication and origin protocols within a local area network. But the firewall itself can be damaged by an attack.
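The two halves of the access-control item, a password log-on and separate read/write/execute rights for individuals and groups, fit in a few dozen lines. The Python class below is an added example written for this page, not code from the assignment or its sources. Passwords are stored as salted PBKDF2-HMAC-SHA256 hashes rather than in clear, log-on compares hashes in constant time, and every access is denied unless a right was granted to the user or to one of their groups. The users, groups, passwords and resources are constructed for the demonstration.

```python
"""Added example (not from the assignment): a minimal password log-on plus
read/write/execute permissions for users and groups.

Users, groups and resources below are constructed for the demonstration.
"""
import hashlib
import hmac
import secrets

PBKDF2_ROUNDS = 100_000

class AccessControl:
    def __init__(self):
        self.users = {}        # username -> (salt, password_hash, set_of_groups)
        self.permissions = {}  # resource -> {subject: set_of_rights}; subject is a user or "@group"

    def add_user(self, username: str, password: str, groups=()):
        salt = secrets.token_bytes(16)   # per-user salt: equal passwords get different hashes
        digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
        self.users[username] = (salt, digest, set(groups))

    def log_on(self, username: str, password: str) -> bool:
        record = self.users.get(username)
        if record is None:
            # Hash anyway so an unknown user takes as long as a wrong password.
            hashlib.pbkdf2_hmac("sha256", password.encode(), b"\0" * 16, PBKDF2_ROUNDS)
            return False
        salt, digest, _ = record
        candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
        return hmac.compare_digest(candidate, digest)

    def grant(self, resource: str, subject: str, rights: str):
        """rights is any combination of 'r', 'w', 'x'; subject is a username or '@group'."""
        self.permissions.setdefault(resource, {}).setdefault(subject, set()).update(rights)

    def allowed(self, username: str, resource: str, right: str) -> bool:
        """Deny by default: the right must be granted to the user or to one of their groups."""
        if username not in self.users:
            return False
        acl = self.permissions.get(resource, {})
        subjects = {username} | {"@" + g for g in self.users[username][2]}
        return any(right in acl.get(s, set()) for s in subjects)

def demo() -> AccessControl:
    """Constructed users and grants: finance may edit payroll, bob may only read it."""
    ac = AccessControl()
    ac.add_user("alice", "correct horse battery staple", groups=["finance"])
    ac.add_user("bob", "hunter2", groups=["it"])
    ac.grant("payroll.xlsx", "@finance", "rw")   # the whole finance group may read and write
    ac.grant("payroll.xlsx", "bob", "r")         # bob individually may only read
    ac.grant("backup.sh", "@it", "rx")           # the IT group may read and execute
    return ac

if __name__ == "__main__":
    ac = demo()
    print(ac.log_on("alice", "correct horse battery staple"), ac.log_on("alice", "wrong"))
    print(ac.allowed("alice", "payroll.xlsx", "w"), ac.allowed("bob", "payroll.xlsx", "w"))
```

The deny-by-default rule in `allowed` is the part worth copying: a resource with no entry, or a user with no matching grant, gets nothing, so forgetting to configure a permission fails closed rather than open.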
6. Counterattacking: for an active network, the most non-serious and irresponsible action is to counterattack the machines that attack your system. This can be done on any system by using specific products, but it is not suitable for internal protection. Attackers normally do not use their own machines directly to attack the system, so the counterattack never harms them. It is therefore of little benefit: when the counterattack takes place, the attacker is never hurt, is shielded from the collateral damage done to the intermediate system and feels no effect from it.
7. Back tracing: this acts as a defence for an active network by determining the location and address of the attackers in order to stop the attack. Many internet protocols do not provide this feature, but for routed traffic the idea may work. In the case of a serious attack it may not be very effective: no source can be found easily to determine where the attack comes from, and different jurisdictions make finding the actual source very difficult. A strong backup plan is required to determine the source of the attack, where it comes from, and how to stop it with strong hurdles. (Rowe, 2019)
References on Cyber Security:
Geeksforgeeks. (2019). Threats to Information Security. Retrieved from https://www.geeksforgeeks.org/threats-to-information-security/
Guru99. (2019). Potential Security Threats To Your Computer Systems. Retrieved from https://www.guru99.com/potential-security-threats-to-your-computer-systems.html
Preyproject. (2020). What Are Cyber Threats and What to Do About Them. Retrieved from https://preyproject.com/blog/en/what-are-cyber-threats-how-they-affect-you-what-to-do-about-them/
Rowe, N. C. (2019). Cyber-attacks. Retrieved from https://faculty.nps.edu/ncrowe/edg_attacks.htm
Securitytrails. (2018, Oct 9). Top 15 Ethical Hacking Tools Used by Infosec Professionals. Retrieved from https://securitytrails.com/blog/top-15-ethical-hacking-tools-used-by-infosec-professionals