
1. Conditions that enhance disclosure to Denial of Service

A DoS occurs when a service that should normally be available turns out to be
inaccessible. There can be plenty of causes for this non-availability, but it usually
happens because of management issues and work demand that exceeds the capacity of the
system.

The DoS attack explained here is related to Distributed Denial of Service
(DDoS), which happens when various groups of systems attack a single target. This is
usually carried out through a botnet, in which multiple devices demand a
service at the same time.

Compared to other events such as hacking or brute-force attacks, Denial of Service does
not break security rules and does not leak information. Still, the image of the
company is affected, and the attack causes the loss of a large amount of money and time. Many
customers try to move to another service provider because of concerns about future
security. A DoS attack also brings an outbreak of blackmailers and activists. This
is the kind of situation companies never want to go through.

2. Infrastructure to reduce DoS attacks:


The attack can be prevented by specific precautionary steps. The following steps can
help to reduce the chances of attack:

● Regularly monitor the system's output and analyze whether the disk, CPU, and networking panel are functioning optimally. Continuously track the system's performance and immediately note any deviations from the optimum values.

● Continue to monitor the network packets and the nature of the data that goes through the networking panels.

● Regularly update the data and software currently in use, and take seriously the warnings the systems give about any malfunction.

● Install a security device that is able to detect a DoS attack before the attack.

● Keep a complete record of the changes that occur during an attack to prevent a similar event in the future.

● Record and monitor the following details (Schuba, 1997, p. 215):

   The time of the event
   The IP address during the attack
   The opponent's IP address
   Further information and the type of the attack

● Send a detailed report of the event to the service provider and ask them for help.

3. Processes that diminish DoS strike:


Denial of service attacks against public service agencies now occur more often.
Agencies must have a proper management system to overcome the emergency; further,
they should have the ability to recognize and minimize the severity of the attack. The
purpose of this is to enhance the efficiency of the working system. In response to any
situation, “the first thing to do is to have a plan,” a quote from Marc Gaffan, a founder of
cloud-based DDoS mitigation services. One should be prepared for any situation and
have a plan prior to the attack.

US-CERT found that the plan should include contact information for:

● External sources such as ISPs

● Hosting planners

● Security service

● Network management team


“Having a proper communication mechanism is of vital importance for maximum
outcome,” said Neal Quinn, operating head at Prolexic Technology Company.
Communication is the first thing to be disrupted during an emergency. The outcome of handling
an attack depends solely on how the communication process is carried out during the event. Having
a management plan in advance is as important as having the proper equipment.

One of the most important decisions, and one that must be made immediately, is what the
point of actual response to the attack is. Agencies do not want to cope with the situation the way
they cope with other security issues. Because the situation is focused on availability, it should be
treated as disaster management rather than as a security breach issue.

If there are separate teams for disaster management and security issues, then handing the
attack off to a different team can cause a loss of precious time. Denial of service is considered a
human-made attack that affects performance on a large scale.

A DoS attack can be treated as any of the following events:

● A security breach event

● A disaster response event

● Continuous operation attacks

It is mandatory to identify the type of attack before generating a response. The type of traffic
approaching the system should be analyzed first, rather than the influence of that traffic. If
information technology staff are unable to recognize the sources of the attack and end up
offline, the attack has been successful and vital response time has been lost.

It is necessary to identify the source of the fake traffic. A list of previously seen IP addresses and known
malicious sources can help, as it helps in tracking the record of previously unknown attacks.
Attacking resources can be brought online in no time and moved to other sources quickly,
completely hiding the root cause of the attack. Identifying the proper source of an attack requires
complete and accurate information about all the techniques and tools.
The level of understanding of the hacking source is related to intelligence. A higher level of
intelligence is better, but it is not sufficient unless there are resources for analysis and
knowledge.
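
The monitoring and recording steps in section 2 and the list of known malicious sources described above can be combined in one small script. This is an added example, not part of the original essay; the traffic, the IP addresses (documentation ranges), the thresholds and the function names are all constructed for illustration.

```python
from collections import Counter, defaultdict
from datetime import datetime, timedelta

TARGET = "192.0.2.10"        # constructed: the monitored server
KNOWN_BAD = {"203.0.113.7"}  # constructed: sources recorded in earlier incidents

def build_sample():
    """Constructed traffic: steady load for 4 minutes plus a burst in minute 3."""
    t0 = datetime(2024, 1, 1, 12, 0, 0)
    rows = []
    for minute in range(4):
        for s in range(0, 60, 6):  # 10 normal packets per minute
            rows.append((t0 + timedelta(minutes=minute, seconds=s),
                         "198.51.100.20", TARGET, "ACK"))
    for i in range(300):           # burst from two sources
        src = "203.0.113.7" if i % 3 else "203.0.113.99"
        rows.append((t0 + timedelta(minutes=3, seconds=i % 60), src, TARGET, "SYN"))
    return rows

def detect(rows, baseline=10, factor=5, known_bad=KNOWN_BAD):
    """Return one incident record for each one-minute window whose packet
    count deviates above factor * baseline (the 'optimum value')."""
    windows = defaultdict(list)
    for ts, src, dst, kind in rows:
        windows[(ts.replace(second=0, microsecond=0), dst)].append((src, kind))
    incidents = []
    for (start, dst), pkts in sorted(windows.items()):
        if len(pkts) <= factor * baseline:
            continue  # within normal range, nothing to record
        sources = Counter(src for src, _ in pkts)
        kinds = Counter(kind for _, kind in pkts)
        incidents.append({
            "time": start.isoformat(),            # the time of the event
            "target_ip": dst,                     # the IP address under attack
            "source_ips": [ip for ip, _ in sources.most_common()],
            "known_bad": sorted(set(sources) & known_bad),
            "dominant_kind": kinds.most_common(1)[0][0],  # hint at the attack type
            "packets": len(pkts),
        })
    return incidents

if __name__ == "__main__":
    for incident in detect(build_sample()):
        print(incident)
```

The resulting record holds the details the list in section 2 asks for, so it can be attached to the report sent to the service provider.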

4. Policies used for identification of risk factors causing DoS:

When there is little chance of avoiding a DoS or DDoS attack, companies set up a
management plan in advance to reduce the chances of being attacked or to minimize the severity of
the attack.

● Enroll the company in a DoS protection service in order to recognize malicious traffic and redirect it away from your networking panels. Filters can be inserted to remove traffic that seems to come from an unknown source.

● Implement a disaster management plan that aims to provide an efficient communication mechanism, a reduction in severity, and proper recovery after an attack.

It is also important to make a secure connection with all devices and to make the system
more reliable.

● Antivirus software should be installed on the system and continuously updated.

● Install a firewall that acts as a filter and minimizes the traffic coming towards your network.

● Regularly review modern security services and update your security systems according to the requirements. Follow proper security practices to reduce unnecessary traffic.

Signs of Attacking Event


Technology has changed almost every aspect of life. Computer media is one of the major parts
of IT, and simulations and animations generated by computers have proved to be very helpful for
understanding complex issues that cannot be identified directly by a human being.
Simulations and animations are sources of efficient evidence that help jurors find
solutions to very complex cases, so decision making becomes easier for the jurors.
Decisions in courts decide the lives of people, so these decisions must be accurate and
authentic. Clarity and justice should be assured to make society free from crime and injustice.
For that purpose, computer media is considered the godfather of this era. This evidence has specific
limitations that can distract the jurors, but these limitations are known to the
jurors, so they must act according to the security information through which they can make
accurate decisions. These computer tools can affect the jurors more than expected, so the jurors
should not be influenced too much by the latest technology.

The signs appear as a non-availability issue of unknown cause. It can look like a technical issue or
like an IT administrator performing maintenance on the system. The symptoms that are
specific to a DoS or DDoS attack are:

● Very slow network performance

● Unavailability of the required website

● Inaccessible website networks.

The proper technique to identify an attack is to regularly monitor the website and perform a
thorough analysis. Traffic can be tracked through a built-in firewall detection system.

Policies that recognize the threat of denial of service attack:

Denial of service is used to tie up a website or to hack a website so that, after the hacking, it cannot be used.
The website does not work and the worker cannot work. It is a technique used to
switch off a machine; when the machine or network is off, it is not working. The
first denial of service attack was carried out by a child. It took place in 1974 and powered off a university
lab. It is noted that the largest DoS attack was the one on GitHub in 2018. There are two types
of denial of service attack: flooding attacks and crash attacks (Okolica, 2011, p. 120).

How to recover deleted files:

Cyber services and electronic devices such as mobile phones are used to investigate crime.
Computer forensics experts are the best people to collect deleted or damaged data from any
electronic device. It is a very tough process and a tough job, because the data must be
collected very quickly. The job requires many skills relating to computers and
cyber-attacks. A proper computer-related degree is necessary for computer forensics experts. If
you want to become a computer forensics expert, you should improve your skills, and it is
necessary to have a master's degree in cybersecurity. Your typing must be very fast,
you need information about the work, and you must have a clear mind. Documenting and reporting are
very important for a computer forensics specialist. The best policy and the best management are
required in this work. A person who is professional in their work can work as a computer forensics
expert. It is very important to have all of the qualities discussed above. Proper
electronic devices, hardware, and software are necessary for this work. If you use the
best software and hardware, you can work perfectly.

An information security strategy is vital for the management of security risks. An information security
strategy is one of the latest and most efficient ways to provide coaching and consultation through
communication. Security consultation must include the latest ways to assess
risks at a specific time to avoid the harm of security threats. It guarantees the precision of the
planning and strategy. It assesses expenses and security in an accurate way. The IT roadmap
should be protected from the danger of systematic information security attacks. Some
information should be protected and secured. It should be decided who should get this
information and who should not. Moreover, it should also be decided where it should
be saved and located. Anti-virus programs and passwords are essential parts of the strategy
(Carl, 2006, p. 85).

When you are working and some file or data is accidentally deleted by mistake or by a
virus, it causes anger, because you may have been working on it for a few days or a few weeks. In some cases, you
can search for your deleted files in the recycle bin. You can find your deleted file in the recycle
bin with just a double click. Gaining something is better than losing everything (Zhang, 2015, p. 3025).

Extracting used password:

The following steps are included in the process of using a reactive information security strategy to
provide consultation and coaching through reporting and communication in a company:

● Planning how to go forward in security strategy development.

● Defining criteria for initiating the planning of a project.

● An efficient and ready response by the company to cyber security attacks is one of the most important steps the company should take. It helps the company to assess and eliminate its security threats.

● Setting up the path through which the ultimate aim can be achieved via efficient planning.

● Cost and profit analysis is done via the information security strategy to assess the performance of a company. This analysis helps employees to work on the weak aspects of the company by making strategies through communication with each other (Mahjabin, 2017, p. 13).

There are various popular software programs that make it difficult to break passwords. Tools like WinHex
are used to make documents cohere in Microsoft Office software. It is known that
Fortitray.exe contains credentials after a failed or successful login. After that, we have to press
Ctrl plus F to open the search in the WinHex editor software. Now we should enter our password
and press OK. Hopefully, the results we are looking for will be provided. But if we did not get the
result, we should press F3 to find the next result. It is a fact that not everything is
lost in this process (Jamal, 2018, p. 256).

Protection is necessary to keep your data from hackers. Monitoring is the best way to protect
data. It is necessary to have good management and a good monitoring system; if some
internal threats are present, you can learn about them very easily. With the
best monitoring system, the chances of risk decrease. Be aware of the risks and the internal
threats. By using the best technology and the best monitoring system, you can stop hackers from hacking
and from leaking any information.

Demand for forensic labs has greatly increased in the previous few years. So, a complete filtered
dictionary is made with all of the user’s passwords that were stored in various web browsers such as Firefox and
Chrome. To create a text file with passwords, just press the Export button, and all available
passwords can be assessed by the password recovery tool. Another piece of software that immediately extracts
stored passwords is Elcomsoft version 3.20. It can extract passwords from an enormous number of
email clients and various internet browsers. The largest browsers, such as Yandex Browser, UC
Browser, Chrome, and QQ Browser, have been added to the extraction tools (Tan, 2013, p. 450).

References:

Schuba, C.L., Krsul, I.V., Kuhn, M.G., Spafford, E.H., Sundaram, A. and Zamboni, D., 1997, May. Analysis of a denial of service attack on TCP. In Proceedings. 1997 IEEE Symposium on Security and Privacy (Cat. No. 97CB36097) (pp. 208-223). IEEE.

Okolica, J. and Peterson, G.L., 2011. Extracting the windows clipboard from physical memory. Digital Investigation, 8, pp.S118-S124.

Carl, G., Kesidis, G., Brooks, R.R. and Rai, S., 2006. Denial-of-service attack-detection techniques. IEEE Internet Computing, 10(1), pp.82-89.

Zhang, H., Cheng, P., Shi, L. and Chen, J., 2015. Optimal denial-of-service attack scheduling with energy constraint. IEEE Transactions on Automatic Control, 60(11), pp.3023-3028.

Mahjabin, T., Xiao, Y., Sun, G. and Jiang, W., 2017. A survey of distributed denial-of-service attack, prevention, and mitigation techniques. International Journal of Distributed Sensor Networks, 13(12), p.1550147717741463.

Jamal, T., Haider, Z., Butt, S.A. and Chohan, A., 2018. Denial of service attack in cooperative networks. arXiv preprint arXiv:1810.11070.

Tan, Z., Jamdagni, A., He, X., Nanda, P. and Liu, R.P., 2013. A system for denial-of-service attack detection based on multivariate correlation analysis. IEEE Transactions on Parallel and Distributed Systems, 25(2), pp.447-456.
