|
|
Security testing of IPv6 family protocols and related vulnerabilities
Vopálka, Matěj ; Phan, Viet Anh (referee) ; Jeřábek, Jan (advisor)
This thesis discusses the Internet Protocol version 6 (IPv6), especially the secure deployment of the protocol. The thesis deals with the shortcomings of IPv4 protocol and reason of development of IPv6 protocol. It covers topics like IPv6 addressing, structure of frames, the initial types of IPv6 extension headers. Additionally, the thesis explores related protocols to IPv6, such as NDP, SLAAC, adn DHCPv6. The thesis provides an introduction to penetration testing, describes the basic types of hackers and gives a general overview of information security attacks. The practical part is devoted to the development of an application for automatic vulnerability testing of IPv6 networks Penvuhu6. The tool is developed in Python programming language using Scapy library. Penvuhu6 has been tested in an emulated network environment with the GNS3 program. Three test scenarios were developed for the tool focusing on testing the passage of repetitive and misaligned headers, overlapping fragments, and Router advertisement and DHCPv6 advertisement messages. Penvuhu6 was tested on an emulated RouterOS device with basic and restrictive configurations.
|
|
|
The Impacts of a Ransomware Attack: Risk Management and Implementation of the Minimal Security Standard
Syrovátková, Lucie ; Alena,, Rybáková (referee) ; Sedlák, Petr (advisor)
The aim of the thesis is to implement cyber security in a small company as a result of a suffered ransomware attack based on the requirements of the Minimal Security Standard, which is a support material for entities that are not regulated by the Cyber Security Act in the Czech Republic. The main goal is achieved through the three main parts into which the thesis is divided. The introductory part is a theoretical support for the remainder of the thesis and contains the main concepts and areas that are used in the thesis. The analytical part focuses on the description of a possible vector of a ransomware attack and its consequences. In the second part of the analytical chapter, the current situation of the company is assessed in comparison to the requirements of the Minimal Security Standard. The last part proposes specific security measures, creation of security policies adapted to the company's capabilities and an economic evaluation.
|
|
|
Mapping Cyber Security Measures: From Legislation to Technical Implementation
Hopp, Jiří ; MSc, Mezera Michal, (referee) ; Sedlák, Petr (advisor)
In my thesis, I focused on creating a systematic tool for mapping technical measures and mitigations to national legislative cybersecurity requirements. I conducted an analysis of the addressed issue, which revealed opportunities for developing the tool and revealed forthcoming changes in legislative requirements based on the EU directive NIS2. In the following part of the thesis, I described the design and development of the mentioned tool in the form of a table. The tool met the client's requirements and mapped relevant technical measures to individual points of the current and NIS2-derived legislative requirements. Based on consultations with the client, I determined that the objectives outlined in the thesis were successfully met and that the developed tool will be utilized in a real-world environment.
|
|
|
Design of smart home control systém and security management
Valentová, Kateřina ; Kubek, Ján (referee) ; Sedlák, Petr (advisor)
This master's thesis is focused on design of smart home control system with focus onsecurity of system in terms of information, network and physical security. Design is based on the requirements of the house owner and his needs. In thesis is assembled risk analysis with security measures to the individual threats. Complete design of cable system is not a part of this work, thesis is particularly focused on questions about security of the entire intelligent system.
|
|
|
Building security awareness at the Faculty of Business and Management
Volfová, Jana ; Ondrák, Viktor (referee) ; Sedlák, Petr (advisor)
This diploma thesis is focused on Security Awareness Education at the Faculty of Business and Management. It consists of three main parts: theoretical, analytical and practical considerations. The theoretical part is the introduction to basic terms, processes and analysis to help understand the thesis. The analytical part includes an introduction to the chosen organization and the implementation of analysis, which were presented in the theoretical part. The practical part contains, among other things, the actual proposals for Security Awareness Education at the faculty and its benefits.
|
|
| |
|
|
Information System Assessment and Proposal of ICT Modification
Závodný, Jiří ; Novák, Lukáš (referee) ; Koch, Miloš (advisor)
The bachelor thesis is focused on the analysis of the information system in XCR Svorada s.r.o. and a subsequent proposal for amendments. The first part is devoted to the theoretical background needed to understand the issue. Furthermore, the analysis of the company, its internal and external environment, the analysis of the information system used and in the last part of the proposal changes for improving, streamlining and simplifying the work with the information system.
|
|
|
Solution of Internal Threats in the Information Security Management System
Trčka, Martin ; Sopuch, Zbyněk (referee) ; Sedlák, Petr (advisor)
This diploma thesis deals with internal threats in the organization and their restriction with the assistance of DLP system. The first part of the thesis discusses the information security management system and describes requirements for the introduction of the ISO/IEC 27000 standards series. Next chapters detail internal threats and technical description of the DLP system. The second part of the thesis analyzes the organization and describes the process of implementation of DLP solution, which aims to reduce internal threats. The conclusion of the thesis describes acceptance agreement and financial evaluation of the implementation.
|
|
| |
|
|
Acquisition of email communication security service according to ISMS
Foltýn, Adam ; Ondrák, Viktor (referee) ; Sedlák, Petr (advisor)
The diploma thesis focuses on a proposal of acquisition of email communication security service according to ISMS for a company which provides trading services on financial markets. The thesis is divided into three parts. In the theoretical part, necessary terms and theoretical essentials are explained in order to ensure understanding of the following parts of the thesis. The following analytical part describes the company's current security status of information. As a solution in the final part of the thesis, partial risk analyses are conducted. Based on these, suitable options for email communication security measures are proposed as well as their the economical evaluation.
|
guest ::
