Trusted by 2+ million users, 1000+ happy students everyday
CERT Assessment ToolToday as we know that all the operations are being handled by information technology department. The companies and organizations working on these platforms are well aware of the arising security issues. They have postulated different components to deal proactively with these attacks that include prevention, direction, and response. Prevention methodology implements in-depth knowledge of security policies, a well-defined network system with the use of updated andmodern firewalls and multi-level authentication systems to limit hacking of confidential information. CERT assessment tool only assesses the vulnerability of the network system, whereas the information system currently being used by companies depicts vulnerability assessment and penetration analysis. Using both these parameters will help to identify issues within the system, server, and database while checking and defining vulnerability will only highlight the system loopholes. Their fundamental role is to develop various programs and software's that comply with users and does not compromise the safety and security of the confidential information. The more indulgence and relying on these information systems and channels have drastically increased cyber-attacks, where some individuals or a group of persons try to hack these information systems to gain access to confidential public and government information that can disrupt the economy and routine life. Apart from these factors, the leak also compromises financial status and can endanger the life of human beings. These operations offer a variety of roles in various segments that includes their potential in energy delivery, backup generators, linking railway and airport systems, etc. All these services were extended to the commercial and public sector and are provided by the CERT Assessment Tool that increases Security Incident Responder's Ability to Assess Risk (Connell, 2013). As the tool links all the major systems and domains and offers a wide variety of functions, a single bug in the server can cause all these domains to stop at a single time. All the information will be located in a single 1
CERT Assessment Tooldatabase which will make the database more prone to cyber-attacks as the cyber bullies can extract information from a single database. Moreover, the company claims to have built a user-friendly software, which can give more access to individuals and loopholes. The access of information will be made easier and to everyone. Conventional approach that does not allow sharing off blueprints with each other even in case of cyber-attacks, which can compromise the confidentiality of the company and can be accessed later by any company but in comparison to CERT assessment tool that assesses probability of risk, that can be manipulated at any time and can risk information without knowing the bug. The blueprints are handled by every company on their own but by outsourcing the security system responsibility to the third party by giving accessto their data can lead to several major failures. As the approach to building this software was motivated after the incident where several credit and debit cards were hacked. These redundancies can be removed by using secure authentication processes (HU, 2005) that involve use of double authentication process, SIM toolkit and J2ME platforms. For using the digital platform, a security code is sent to the concerned person, who then enters and confirms that the transaction is made by him. If all the transactions are based on these security protocols, there is no need of relying on these third party system to assess the risk. The use of this tool will create unnecessary ruckus not only to companies and different sectors but also among small users and will create a vibe that their systems, accounts are prone to cyber-attacks at all times. This will tend to create instability and may experience withdrawal symptoms for using information systems. The next drawback associated with the use of CERT assessment tool is the forging of coordinates. If the coordinates are forged, it won't allow determining the risk associated with the attack. Giving access to the third party for maintaining information safety system will comply with legal procedures that again demands to share of data before the law and that information can2
Found this document preview useful?
You are reading a preview Upload your documents to download or Become a Desklib member to get accesss