I saw that you answered Task 2 for the class. Do you have the answers for Task 1?
If you do, will the answer be different from the other ones that you already completed?
(Competency 426.4.4: Denial of Service (DoS))
You work for a large public university that utilizes a web-based registration and cashiering system that allows students to register for, pay for, and drop classes. Naturally, peak usage times are during registration season shortly before the start of a new quarter. The system has been in place for about a year and a half and has greatly reduced the workforce needed to staff the registration office during registration season; as a result of implementing the new system, over three-quarters of the registration staff were reassigned to other parts of the university.
However, during registration for the most recent quarter, the web-based system suffered a crippling distributed denial-of-service (DDoS) attack that made the system unavailable for about 24 hours. The university’s network staff was certain that the attack did not initiate from an external network source since the university has a series of mechanisms in place to intercept such attacks. Further investigation revealed that the attack originated from the internal network. The network team discovered that a password sniffer application was somehow installed on a large portion of the computers in various university computer labs. The password sniffer captured one of the administrative passwords that was recently used to remotely install a critical operating system patch for these computers. Once compromised, the computers were then used collectively to perform a DDoS attack that flooded the registration system’s web servers with thousands of bogus HTTP requests, which quickly overwhelmed the servers and caused them to become unavailable.
As the lead network specialist, you have been asked to recommend countermeasures to protect the university’s registration system against this type of denial-of-service (DoS) attack.
A. Create a diagram to illustrate how the attack occurred. In your diagram, include the following:
• The web server
• Computer labs
• Network equipment
• How the traffic is flowing to the registration system
B. Recommend in an executive summary (suggested length of 2 pages) preventive measures to counter this type of DoS attack.
Note: The executive summary will be read primarily by nontechnical management staff, so it is important that the summary sufficiently develops and addresses the topic but does not overwhelm the reader with unexplained technical