Smartphones have become an integral part of our daily lives, be it as a source for business information or for pure personal use. One of the most popular technologies now available for any standard mobile phone is Bluetooth. Bluetooth is a wireless, secure, and international standard that provides communication between the Bluetooth-enabled devices in a short-range network (typically 1-50 meters). Bluetooth connects devices on a personal area network (PAN), such as a computer, printer, scanner, and fax machine, in a home office setup. For smartphones, a user would typically hook up a Bluetooth-enabled earpiece and work with the smartphone hands-free.

Even though Bluetooth is short-range and only available to the devices within the PAN, it can still pose a major security threat, as hackers are now able to develop software that can eavesdrop between Bluetooth devices and a cell phone. There are additional threats that render Bluetooth networks unsecure.

Prepare a 4- to 5-page research paper (APA-formatted) on Bluetooth security. Evaluate the particular security risks posed by Bluetooth devices and specific measures (taken by network security managers and users) that can improve Bluetooth security. Address the following questions:

What is Bluetooth “eavesdropping”? How is this attack attempted, and how can it be avoided?

What is an impersonation attack? How likely is it that this type of attack will work? Why?

How is a pairing attack carried out? What are the main requirements for the attack, and what are some methods for protecting against it?

Find two types of attacks that are associated with problems or flaws with Bluetooth implementation. List these attacks, how they are carried out, how likely they are to succeed, and methods to prevent them.

Discussion 1

Intrusion detection methods depend on the following assumption: that the behavior of an intruder differs measurably from the behavior of a legitimate user. The two methods you learned about for detecting intrusions, statistical anomaly detection and rule-based detection, differ fundamentally in their approach to distinguishing between intruders and legitimate users.

For this Discussion, create and describe a scenario of a set of computer systems and how they are used within a particular organization. Explain how successful each of the detection methods above would be in detecting an intrusion in that scenario. Do you think either one would be able to detect an intrusion in time to prevent the intruder from doing anything malicious? Why or why not?

Discussion 2

Networking monitoring tools allow system administrators the ability to analyze network performance, pinpoints failed network components, send notifications of system outages, and monitors for security issues. There are a large variety of network monitoring tools available commercially and free.

For this discussion read the article “The Top 20 Free Network Monitoring and Analysis Tools for Sys Admins”. Also search Walden University library and the internet for network monitoring tools. Pick two of the network monitoring tools and write a comparison of the features offered in those tools. Specify which tool you feel has the best features.

Assignment: Malicious SoftwareThis unit introduced you to malicious software. It divided malicious software into two broad categories: parasitic software, which are subprograms or fragments of programs that require other system applications or utility software in order to run, and independent malware, which are self-contained programs that can run on their own.

Three key types of malicious software (viruses, worms, and distributed denial of service attacks) were then defined, along with the evolution of methods for handling them.

Part 1: Overview of Malicious Programs

Name and describe the five main categories of malicious software. Provide an example of each that differs from the example provided in the text. Rank these categories from most dangerous to least dangerous, and provide a rationale for your ranking.

Part 2: Key Topics

Explain the fundamental differences between viruses, worms, and distributed denial of service attacks (DDoS).

Part 3: Countermeasures

• Describe the countermeasures available to defend against viruses. How did these countermeasures evolve? Are the current countermeasures sufficient for handling existing virus threats? Why or why not?
• Describe the countermeasures available to defend against worms. How do these compare to those available for viruses? How are countermeasure schemes combined to combat worms?
• Describe the countermeasures available to defend against DDoS attacks. Are these countermeasures sufficient for handling existing attack methods? How do you believe they could evolve to provide greater protection?