Ask a question from expert

Ask now

Audit & Critique of a Hacking Incident | Snowdenia

12 Pages3133 Words401 Views
   

Added on  2019-09-16

Audit & Critique of a Hacking Incident | Snowdenia

   Added on 2019-09-16

BookmarkShareRelated Documents
Running head: SECURITY, AUDIT & CRITIQUE OF A HACKING INCIDENTSecurity, Audit & Critique Of A Hacking Incident At Snowdenia County CouncilYour Name (First M. Last)School or Institution Name (University at Place or Town, State)1
Audit & Critique of a Hacking Incident | Snowdenia_1
SECURITY, AUDIT & CRITIQUE OF A HACKING INCIDENTTable of ContentsAbstract............................................................................................................................................3Security, Audit & Critique Of A Hacking Incident At Snowdenia County Council.......................4How To Ensure Secure Operations (Confidentiality, Integrity, Availability)?...............................4Confidentiality.....................................................................................................................5Integrity................................................................................................................................6Availability..........................................................................................................................6Policies and Procedures.......................................................................................................7Auditing/Testing Approach for Security and Better Compliance....................................................8Critique of Hacking Attack..............................................................................................................8Conclusion.......................................................................................................................................9Recommendations..........................................................................................................................10References......................................................................................................................................112
Audit & Critique of a Hacking Incident | Snowdenia_2
SECURITY, AUDIT & CRITIQUE OF A HACKING INCIDENTAbstractAnything that is of importance will be stolen or at least attempts will be made to steal it, both from outsiders and insiders. This holds for digital assets also and securing the data in transit, and at rest is an inherent responsibility of every network worth its salt. The security of a network boils down to three core concepts which have to work together. These are confidentiality, integrity and availability, commonly referred to as CIA or more recently as AIC to avoid confusion with a government agency of America. This paper is focused on the Republic of Snowdenia County Council and the recent hacking attack and will explore the tenets of AIC, in addition to critiquing the attack and providing guidelines for auditing/testing approach for the council.Keywords: Snowdenia County Council, network, security, hacking3
Audit & Critique of a Hacking Incident | Snowdenia_3
SECURITY, AUDIT & CRITIQUE OF A HACKING INCIDENTSecurity, Audit & Critique Of A Hacking Incident At Snowdenia County CouncilIt is human nature to attempt to get an unfair advantage, to exploit the system and get benefits from the labour of someone else. Any organisation maintaining computer networks would do much better to accept this as a part of daily routine and design their networks accordingly. Network security is an important issue because of their utilisation and indispensability for storing, accessing, and providing business information, internally as well as externally to suppliers and customers [1]. The violations can not only occur from outside but inside the network also. As an illustration, the focus of this paper, the Republic of Snowdenia County Council, got attacked from inside when an employee launched a three-pronged intrusion,based on the Man-in-the-Middle (ARP poisoning) attack, password cracking, and access via an Internet WiFi facility offered for roving staff working at home. This attack will be critiqued later in the paper.The security of a computer network can be distilled into three concepts - confidentiality, integrity and availability. These are referred to as the CIA triad or more recently as AIC triad, to avoid confusion with the Central Intelligence Agency of America [2]. This paper will explore theAIC triad, critique the above-mentioned attack, and provide broad guidelines for auditing/testing to help ensure a more secure as well as more compliant organisation.How To Ensure Secure Operations (Confidentiality, Integrity, Availability)? The three tenets of a secure computer network are Confidentiality, Integrity, and Availability (AIC) and these three must be present and work in tandem. These three require services and cooperation of the entire organisation.4
Audit & Critique of a Hacking Incident | Snowdenia_4

End of preview

Want to access all the pages? Upload your documents or become a member.