LOT Task 1
SUBDOMAIN 426.4 - HACKING
Competency 426.4.4: Denial of Service (DoS) - The graduate identifies and implements countermeasures to protect against denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks using industry best practices.
You work for a large public university that utilizes a web-based registration and cashiering system that allows students to register for, pay for, and drop classes. Naturally, peak usage times are during registration season shortly before the start of a new quarter. The system has been in place for about a year and a half and has greatly reduced the workforce needed to staff the registration office during registration season; as a result of implementing the new system, over three-quarters of the registration staff were reassigned to other parts of the university.
However, during registration for the most recent quarter, the web-based system suffered a crippling distributed denial-of-service (DDoS) attack that made the system unavailable for about 24 hours. The university’s network staff was certain that the attack did not initiate from an external network source since the university has a series of mechanisms in place to intercept such attacks. Further investigation revealed that the attack originated from the internal network. The network team discovered that a password sniffer application was somehow installed on a large portion of the computers in various university computer labs. The password sniffer captured one of the administrative passwords that was recently used to remotely install a critical operating system patch for these computers. Once compromised, the computers were then used collectively to perform a DDoS attack that flooded the registration system’s web servers with thousands of bogus HTTP requests, which quickly overwhelmed the servers and caused them to become unavailable.
As the lead network specialist, you have been asked to recommend countermeasures to protect the university’s registration system against this type of denial-of-service (DoS) attack.
A. Create a diagram to illustrate how the attack occurred. In your diagram, include the following:
• The web server
• Computer labs
• Network equipment
• How the traffic is flowing to the registration system
B. Recommend in an executive summary (suggested length of 2 pages) preventive measures to counter this type of DoS attack.
Note: The executive summary will be read primarily by nontechnical management staff, so it is important that the summary sufficiently develops and addresses the topic but does not overwhelm the reader with unexplained technical terminology.
C. When you use sources, include all in-text citations and references in APA format.
Note: When bulleted points are present in the task prompt, the level of detail or support called for in the rubric refers to those bulleted points.
Note: For definitions of terms commonly used in the rubric, see the Rubric Terms web link included in the Evaluation Procedures section.
Note: When using sources to support ideas and elements in a paper or project, the submission MUST include APA formatted in-text citations with a corresponding reference list for any direct quotes or paraphrasing. It is not necessary to list sources that were consulted if they have not been quoted or paraphrased in the text of the paper or project.
Note: No more than a combined total of 30% of a submission can be directly quoted or closely paraphrased from sources, even if cited correctly. For tips on using APA style, please refer to the APA Handout web link included in the General Instructions section.