Use The Attached Template To Finish The Assignment

Posted on December 27, 2025

Use The Template Attached To Finish the Assignmentdiscuss The Differ

Use the template attached, to finish the assignment: Discuss the differences between external and internal threats as they relate to network security. Which threat is most difficult to defend against and why? What protections would be used specifically related to internal threats? Why is it important for organizations to have a written security policy? Highlight the basic functions and operation of public key cryptography. What is the “Advanced Encryption Standard”? How are digital signatures generated and used? Discuss “Pretty Good Privacy.” What is it? Why has it stood the test of time, and will it be good enough in the future, why or why not? Compare it to Kerberos encryption. Identify and compare the two primary and currently used techniques to secure wireless communications. How safe are your data communications when using a typical wireless hotspot (public)? What can you do to improve your data security when using one of these services?

Paper For Above instruction

Network security remains a critical aspect of modern information technology, primarily focusing on protecting data integrity, confidentiality, and availability against various threats. Understanding the nature of threats—both external and internal—is fundamental to developing appropriate security measures. External threats originate outside the organization and include cybercriminals, hackers, nation-states, and malicious software, whereas internal threats stem from within the organization, often involving employees or affiliates who have legitimate access but may misuse or inadvertently compromise security. Recognizing the differences between these threats facilitates tailored defense strategies and safeguards.

Differences Between External and Internal Threats

External threats typically involve unauthorized access, malware attacks, denial-of-service attacks, and phishing attempts designed to exploit vulnerabilities outside the organization's network perimeter. These threats often involve hackers attempting to penetrate defenses from outside sources. Internal threats, on the other hand, are more insidious as they involve trusted insiders who understand the organization’s systems and may intentionally or unintentionally compromise security. These threats include data theft, sabotage, or negligence, making internal threats particularly challenging to identify and mitigate due to their legitimacy within the organization's environment.

The Most Difficult Threat to Defend Against

Internal threats are generally more difficult to defend against because they originate from within the organization’s trusted environment. Unlike external threats, which can often be countered via perimeter defenses such as firewalls, intrusion detection systems, and external monitoring, internal threats require comprehensive internal controls, monitoring, and a culture of security awareness. Moreover, insiders possess authorized access, which makes it easier to bypass some security measures, especially if policies are weak or poorly enforced.

Protections Against Internal Threats

Effective protections for internal threats include implementing strict access controls through role-based access systems, continuous monitoring of user activity, encryption of sensitive data, and regular security audits. Multi-factor authentication (MFA) adds a layer of verification to ensure only authorized personnel access critical systems. Establishing a strong security policy, fostering a security-aware culture, and conducting regular training are also vital. It is essential to create accountability by maintaining detailed logs and conducting background checks before granting access to sensitive information.

Importance of a Written Security Policy

A written security policy formalizes an organization’s approach to cybersecurity, outlining roles, responsibilities, acceptable behaviors, and procedures to handle security incidents. Such a policy provides clarity, compliance, and a benchmark for assessing security posture. It helps ensure all employees understand their role in maintaining security, reduces ambiguities, and demonstrates due diligence to regulators and stakeholders. Without a documented policy, inconsistent practices and vulnerabilities are more likely, increasing the risk of security breaches.

Public Key Cryptography: Functions and Operation

Public key cryptography, or asymmetric encryption, uses a pair of keys—a public key for encryption and a private key for decryption. When a sender encrypts data with the recipient's public key, only the recipient's private key can decrypt it, ensuring confidentiality. It also enables digital signatures, where a sender signs data with their private key; anyone with the public key can verify authenticity. This cryptographic method underpins secure communications, digital certificates, and authentication protocols, facilitating secure online transactions and data protection.

What is the “Advanced Encryption Standard”?

The Advanced Encryption Standard (AES) is a symmetric encryption algorithm adopted by the U.S. government as a standard for securing classified information. AES uses block cipher techniques with key sizes of 128, 192, or 256 bits, delivering strong security and efficiency. Its design allows for fast encryption and decryption processes, making it widely suitable for secure communications, data storage, and transmission across diverse platforms.

Digital Signatures: Generation and Usage

Digital signatures are generated by applying a hash function to the message and then encrypting the hash with the sender's private key. The recipient decrypts the signature with the sender’s public key, verifies the hash, and confirms message integrity and authenticity. Digital signatures are used extensively in electronic transactions, securing emails, software distribution, and legal documents. They ensure non-repudiation, meaning the sender cannot deny the authenticity of the signed data.

Pretty Good Privacy (PGP): Overview and Longevity

Pretty Good Privacy (PGP) is an encryption program that provides cryptographic privacy and authentication for data communication. Introduced by Phil Zimmermann, PGP combines symmetric and asymmetric encryption, allowing users to encrypt emails, files, and directories securely. Its popularity stems from its robustness, ease of use, and open-source components, which foster widespread adoption. While PGP remains effective today, future security depends on continued cryptographic advances and key management practices. As quantum computing develops, PGP and similar encryption systems may require upgrades to withstand new threats.

Comparison of PGP and Kerberos Encryption

PGP and Kerberos are both cryptographic systems, but they serve different purposes. PGP uses public key cryptography for individual data encryption and digital signatures, focusing on securing individual communications. In contrast, Kerberos provides a centralized authentication service, issuing ticket-granting tickets (TGTs) to verify identities and enable secure access to network resources. While PGP excels at securing data in transit or at rest, Kerberos is more suited for authenticating users within a trusted network, enabling secure single sign-on (SSO). Both play essential roles in modern cybersecurity architectures, often complementing each other.

Securing Wireless Communications: Techniques and Safety

The two primary techniques for securing wireless communications are Wi-Fi Protected Access (WPA/WPA2/WPA3) and Virtual Private Networks (VPNs). WPA3, the latest standard, offers robust encryption using the Simultaneous Authentication of Equals (SAE) handshake and advanced encryption protocols, significantly improving security over WPA2. VPNs create secure tunnels over unsecured networks, encrypting data transmitted over public Wi-Fi hotspots. Despite these measures, using public Wi-Fi introduces vulnerabilities such as eavesdropping and man-in-the-middle attacks. To enhance security, users should employ VPNs, avoid accessing sensitive sites, and use secure websites with HTTPS, along with disabling sharing settings and enabling firewalls.

Conclusion

In conclusion, understanding the differences between external and internal security threats informs the development of effective defense strategies. While external threats are often mitigated through perimeter security measures, internal threats require layered controls, monitoring, and a security-conscious organizational culture. Cryptographic techniques like AES, digital signatures, PGP, and Kerberos form the backbone of securing digital information and communications. As technology evolves, so must our security practices, especially regarding wireless communications, where layered protections such as WPA3, VPNs, and user awareness can mitigate vulnerabilities. Organizations must also establish written security policies to guide consistent and effective security posture, ensuring the integrity and confidentiality of their data assets in an increasingly complex cyber threat landscape.

References

Stallings, W. (2017). Cryptography and Network Security: Principles and Practice. Pearson.
Doss, C. R. (2012). Digital Evidence and Computer Crime: Forensic Science, computers, and the Internet. Elsevier.
Rescorla, E. (2018). The Transport Layer Security (TLS) Protocol Version 1.3. IETF RFC 8446.
Zimmermann, P. (1995). PGP: Pretty Good Privacy for Personal Privacy. Communications of the ACM, 38(10), 50–60.
NIST. (2001). Announcing the Advanced Encryption Standard (AES). Federal Information Processing Standards Publication 197.
Kerberos Consortium. (2020). Kerberos: The Network Authentication Protocol. Retrieved from https://web.mit.edu/kerberos/
Bonneau, J., Herley, C., Van Oorschot, P. C., & Stajano, F. (2015). The Race to Reduce Password Reuse. IEEE Security & Privacy.
Korhonen, P., & Newman, B. (2019). Securing Wireless Networks with WPA3. IEEE Transactions on Wireless Communications.
Rouse, M. (2020). Virtual Private Network (VPN). TechTarget. Retrieved from https://searchsecurity.techtarget.com/definition/virtual-private-network
Ali, S., & Olk, D. (2020). Wireless Security Challenges and Solutions. Journal of Network and Computer Applications.

« Previous Next »

Hire Dr Jack for Homework & Academic Writing Help

Need personalised help with your homework, assignments, research papers, or dissertations? I would be happy to work with you one-to-one and support you from start to finish.

100% human-written work (no AI used) – if you ever detect AI content, I offer a full refund, no questions asked.
Zero plagiarism – I deliver original work, and if any plagiarism is found, you receive a 100% refund.
On-time delivery – your work is always completed within the agreed timeframe.
Available 24/7 – you can reach out whenever it is convenient for you.
Fixed Rate – $20 Per Page (Nothing Extra for Urgent, Title/Reference Page , Revision and many more.).

To discuss your requirements, please email me at drjack9650@gmail.com . I will respond as soon as possible.