logo

The main reason for not decommissioning the older

   

Added on  2022-08-18

8 Pages449 Words13 Views
Running head: CYBERSECURITY
Cyber Security
Name of the Student
Name of the University
Author’s Note

1
CYBERSECURITY
Task 2
Part 1 – Group Exercise
The main reason for not decommissioning the older website was that the new website was
created on the old platform. Since there are no user management, no privileges were assigned
depending on the job roles. Periodically no vulnerability or penetration testing was performed on
the web server that caused the same server that hosted the old website was used for hosting the
new website and thus leaves it vulnerable to different type of attacks. Since the old website was
not decommissioned and the accounts of the old employees was not deleted the employees can
access the webserver using their privilege and thus can perform exploitation for compromising
the security of the current website. During the changes made in the webserver the admin and the
admin staffs was not notified since there was no IDS system used and the hacker had modified
the log file for covering the track of access. The log files was modified for deleting the evidence
along with the temporary files. There was no protection such as intrusion detection or prevention
system installed and this caused the unauthroised user to access the system without getting
detected. There was no backup plan created for backing up data residing in the webserver and
after the attack the IT staff started taking backup of the current files. Since the attacker cannot
distinguish the old and new files he tried to take backup of the whole server. There was no
monitoring tool installed in the web server and thus no automatic notification was generated.
Since the server was installed outsize DMZ zone the outsiders are allowed to access the server
for the admin and root users.

2
CYBERSECURITY
Part 2 – Information Gathering Script
1. Obtaining all names of unique people sorted alphabetically

End of preview

Want to access all the pages? Upload your documents or become a member.

Related Documents
Pen Testing | Questions and Answers
|8
|619
|55

Security in Computing and IT PDF
|3
|619
|13

Ethical Hacking and Defence: A Case Study
|19
|1954
|321

Cyber Security Threat Management | Assignment
|9
|2180
|85

Design of System Components and User Interfaces
|15
|2493
|98

Microsoft Data Access Components Vulnerability Report
|5
|801
|430