Encryption Standards
Encryption Standards
Description
Encryption entails encoding data in a manner that hackers cannot read, but only authorized people read it. In encryption scheme, the information (plain text) is encrypted using encryption algorithms. The encryption algorithm converts the information into an unreadable cipher text. The encryption is done using an encryption key. The encryption key describes how the encoding of the information will be done. This hinders the hacker from reading the text as he or she cannot read the cipher text and hence cannot determine anything about the original text. Any person authorized to read the text decodes the cipher text using decryption algorithm. The algorithm needs a secret decryption key that hackers or unauthorized people cannot access. The encryption scheme requires a key generation algorithm that randomly generates the keys.
There are two kinds of encryption schemes. That is a public key and a private key encryption. The encryption and decryption keys are the similar in private key schemes. Hence, the parties communicating should agree on the secret key they wish to use before commencing the communication. Conversely, the encryption key in public key scheme is public. In this case, any person can access the encryption key and encrypt the message. However, only the person receiving the information has access to the decryption key and hence is the only one capable of reading the encrypted information.
Public encryption has been invented recently as historically people used private encryption schemes. Militaries and governments have used encryption to promote secret communication. People use encryption to protect data transferred through the network. For instance, encryption protects data transferred through networks like the internet. Also, encryption protects data transferred via the mobile telephones, wireless intercom and Bluetooth devices. Encrypting data on transit assists in securing it as it is hard to secure access to network physically. Encryption promotes confidentiality of the information. Encryption is effective for protection of data in transit in a home network as it ensures only the intended persons access information (Anderson & Doherty, 2006).
Implementation
In order to protect a home network, one needs to implement encryption standards. Several encryption standards can be used to protect the home network. The standards help in encrypting data in a wireless home network. That is the wired equivalent privacy and Wi-Fi protected access. The Wired Equivalent Privacy offers simple and effective means of protecting information on the home network. It ensures unauthorized people do not access information on the home network without the knowledge of the owner. Wired Equivalent privacy is the most commonly available encryption standard and is provided with various key lengths. That is 64,128,152 and 256 bits. Also, one can reference to 40 and 104, but they are similar to 64 and 128.
Wired equivalent privacy (WEP) is good in protecting information from hackers. Also, the Wi-Fi protected access helps in the encryption of the home network. WPA providers better protection that wired equivalent privacy. In WEP, the keys do not change unless the owner changes them, but in WAP, the keys change automatically. There are two kinds of WPA. That is WPA and WPA2. WPA2 is a new encryption algorithm known as advanced encryption standard that offers business level security for home networks. Some of the home networking products including wireless computers, routers and access cards support all the encryption types, but some do not. Thus, the computer and router should use the same encryption key and method to understand one another. Thus, the WPA2 should be implemented to protect the home network as it offers maximum protection (Anderson & Doherty, 2006).
Configuration
One should follow the following steps when configuring WPA2. First, one should ensure the operating system is up-to-date and can support WPA 2. Also, one should ensure the wireless adapter can support WPA2. Additionally, the wireless access point or router should support WPA2. After that one should ensure the clients are working., He should put the PSK used to set up the router when requested by the OS. The PSK should be 8 to 63 characters. After finishing the configuration one will see the router is WPA2 enabled (Anderson & Doherty, 2006).
Patch Management
Description
A patch is software made to solve issues with or update a program. This entails fixing security vulnerabilities and other bugs. Thus, improves the usability and performance. Though patch management is meant to fix problems, patches that are poorly designed can cause a problem and affect the operation of the network. Updates might affect the functionality by removing components which the update provider is not licensed. They can also disable device and cause problems. Patch management should be done regularly, and they should be all encompassing to ensure it is effective. In a home network, one machine can affect other machines. The other machines can be compromised if one of the machines is affected.
Thus, all machines should be treated equally to ensure the network is secure. Patch management plays a crucial role in enhancing security, but it should not be treated as a solution to all security vulnerabilities. Hence, organizations should have multiple security controls including patch management to ensure the security is effective, and information is protected. Patch management entails acquiring, testing and installing many patches to an administered system. There are different patch management tasks. That is maintaining present knowledge of patches available. Other tasks are testing systems, selecting appropriate patches and documenting procedures (Nicastro, 2011).
Implementation
Implementing a patch management is vital as it ensures the home network is protected. Patch management is a continuous process and should be ongoing. One needs to apply a patch daily as new vulnerabilities might affect the network. First, one should use tools to scan the network system for missing security patches. The detection should be automatic to trigger the patch management process. Second, one should assess the severity of the issue to be addressed by the patch and prevent factors that might affect the decision.
By balancing the severity of the issue and preventing factors, one can determine if the vulnerability is a threat to the network environment. Third, one should download a patch for testing if the vulnerability cannot be solved with the current security measures. Fourth, one should install the patches on the test system and verify the ramification of the update against his or her production configuration. Fifth, one should deploy the patch to the production computer. The last step is maintaining the patch by subscribing to notification that alerts one to vulnerabilities (Nicastro, 2011).
Configuration
One can configure an automatic patch management in a personal computer. The first step in configuring an automatic patch management is scanning the systems in the network to identify missing patches. The Second step is scanning and downloading the missing patches. The third step is scanning, downloading and deploying the missing patches. This will address any vulnerability issues that might affect the network (Nicastro, 2011).
Vulnerability Scanning
Description
Vulnerability scanning involves scanning the network for vulnerabilities. Vulnerability scanning assists in securing a network. In addition, vulnerability scanning helps identify weaknesses in the system that can affect the system security. A vulnerability scanner helps identify devices in the network prone to vulnerabilities. Vulnerability scanning helps detect vulnerabilities, in a home network, and identify the weaknesses of network devices. Different vulnerability scanners can be used to identify devices on the home network open to vulnerabilities. Different scanners identify the devices differently. Some of the vulnerability scanners are effective while others are not. Thus, one should select the most effective vulnerability scanners to protect the home network from vulnerabilities (Burns, Killion, Moret & et al, 2007).
Implementation
The vulnerability scan is implemented by enabling the vulnerability scanning option on the computer. The vulnerability scanning option gives one an opportunity to choose the vulnerabilities to identify during a computer scan. Vulnerability scanning is a continuous process and should be done regularly to protect the system. Automating the vulnerability scanning option ensures vulnerabilities are identified automatically before affecting the network (Burns, Killion, Moret & et al, 2007).
Configuration
One can configure the vulnerability option to secure the home network. The vulnerabilities tab is used to specify the vulnerabilities to be investigated during a computer scan. One can customize and select the checks to be performed in a security scanning on a scan profile by scanning profile. Also, one can add his own vulnerability checks suitable to the network security scanning needs. One should expand the configuration to enable vulnerability scanning in a certain scanning profile. Then use the scanning profile note to choose the scanning profile to customize. Then click on the vulnerability tab and select the check box next to enable vulnerability scanning option (Burns, Killion, Moret & et al, 2007).
Procedures
Encryption Procedure
Encryption of data should be done properly to ensure data encrypted is not accessible to hackers and unauthorized people. The first step in encryption of data is selecting the encryption and decryption key. The encryption and decryption key depend on the encryption scheme being used. That is private or public encryption scheme. In case of a private encryption scheme, the encryption and decryption keys are similar. In a public encryption, the encryption and decryption key differ. So, the parties communicating should decide the encryption key to use.
Only the receiver should be aware of the decryption key. Also, they should select the algorithm to use when encrypting. Microsoft windows XP have the ability to encrypt data on volumes using NTFS file system, at 128-256 bits AES symmetric encryption. It uses encrypting file services to encrypt. The Algorithm rearranges scrambles and encodes the information. Then one generates a key pair made up of public and a private key. The keys are used to encrypt and decrypt the files encrypted (Anderson & Doherty, 2006).
Patch Management Procedure
The patch management procedure consists of various steps. The first step is scanning the system to identify missing patches. The second, step is determining how severe the issue to be addressed by the patch is and balancing with the mitigating factors. The third step is downloading the patch required. One should determine the suitable patch when downloading the patches. The fourth step is installing the patch selected on the system. The first step is subscribing to notification alerts to maintain the patches downloaded. The alerts identify any vulnerabilities and inform the user (Nicastro, 2011).
Vulnerability Scanning Procedures
The vulnerability scanning entails using a vulnerability scanner. The first step is configuring the vulnerability scanner and enabling the vulnerability scanning option. The second step is scanning the network system to identify any vulnerabilities and devices prone to vulnerabilities. The third step is fixing the issue identified in order to protect the home network (Burns, Killion, Moret & et al, 2007).
Reference
Is this your assignment or some part of it?
We can do it for you! Click to Order!
