Your All-in-One AI-Powered Toolkit for Academic Success.

+13062052269

info@desklib.com

Available 24*7 on WhatsApp / Email

Company

Tools

Support

Enterprise Security Assignment

Verified

Added on 2023/06/03

AI Summary

This assignment discusses the impact of Stuxnet malicious worm on successful information management and the implementation of security frameworks like SABSA, TOGAF, and C4ISTAR. It also explains UN Charter Article 2(4) and UN Charter Article 51.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Running head: ENTERPRISE SECURITY ASSIGNMENT
Enterprise Security Assignment
Name of the Student:
Student ID:
Name of the University:
Author’s note:

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

1ENTERPRISE SECURITY ASSIGNMENT
Executive Summary
The following assignment had been made on the development of the successful integration and
management. The management of the information for the development of security measures had
been listed in the organization. The malicious worm of Stuxnet had been largely affecting the
formation of the effective management of the activities. The assignment had been largely implied
with the continuation of the factors and alignment of the information management. The cyber
security threats had been largely implied with the factors and forming the major factorial
management. The Stuxnet had been implied with the continuation of the activities and alignment
of the factors defining the successful management of the information.

2ENTERPRISE SECURITY ASSIGNMENT
Table of Contents
1. Introduction..................................................................................................................................3
2. Description of Stuxnet Malicious Worm.....................................................................................3
3. Impact of implementing security frameworks.............................................................................5
4. Explanation of UN Charter Article 2(4) and UN Charter Article 51..........................................9
Conclusion.....................................................................................................................................11
References......................................................................................................................................12

3ENTERPRISE SECURITY ASSIGNMENT
1. Introduction
According to Du et al. (2016), Stuxnet is a malicious worm of system which has been
built jointly by American-Israeli weapon. It mainly targets PLCs (Program logic controller) that
allows automation of electromechanical process. It mainly leads control machinery on assembly
of factory lines, amusement rides and centrifugation of various nuclear materials. In the year of
2010, Stuxnet was first identified by the infosec community, when the development began in the
year of 2005. It comes up with unparalleled ability to spread and it comes up with widespread
rate of infection. It does little or no harm to various system who are not involved in enrichment.
When it attacks a particular system, then it checks the fact that whether it is connected to some
specific model of PLC ((Program logic controller) (Dyson, 2014). PCLs can be stated as the fact
that how computer interacts with control industry machinery.
In the coming pages of the report an idea has been provided regarding the various aspect
of Stuxnet like access control, Crypto, network security and lastly identity. After that a
quantitative risk analysis has been done. The risk analysis has been done on Iranian nuclear
research assets. A proper discussion has been provided on Enterprise security architecture (ESA)
framework SABSA and TOGAF. These frameworks have helped Iranian from various kinds of
attack like Stuxnet. The SABSA, TOGAF, and C4ISTAR security framework has comprised of
many elements for preventing the inclusion of the attacks and causing the information protection.
2. Description of Stuxnet Malicious Worm
Edwards (2014) stated that the Stuxnet attack source was there in a pen drive which
comes up with zero-day exploit. Removable storage was there in attack vector which is itself the
initial vector in the sequence of infection. Windows OS has been designed in such a way that it

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

💎 Try AI Paraphraser

4ENTERPRISE SECURITY ASSIGNMENT
can provide removable storage and device which is portable in nature. It is considered to be a
good feature which can absorb be absorbed in industrial and USB environment ports. It is known
to be removable device which is needed for access the end points. It needs to be controlled so
that it can easily prevent any kind of infection in the system and loss of data. Since Stuxnet the
idea has been clear antivirus program tends to remains infective in stopping USB based exploit.
Various kind of device like flash drive and other portable devices are considered to be end points
for some known or unknown exploits (Faily & Faily, 2018). In many cases, signature based
detection can fail in the prevention of zero-day exploit attacks. If the given network is gapped
like an updating virus, then malware signature can be further delayed.
Stuxnet is considered to be an extremely sophisticated system which exploit multiple in
the old days (Howser & McMillin, 2014). It is known to be windows zero-day vulnerability
which infects various systems and its spreading. The main goal is all about infecting system but
to create real world physical effects. The main target is all about centrifugation for producing
enriched uranium which can power nuclear power and various reactors. In the year of 2005,
stuxent was developed but later on in the year of 2010 it was identified by infosec community
(Karch, 2016). This particular worm checks if the given system is connected to specific model of
programmable logic controller. After affecting the system, the worm tends to intend alter PLCs
programming which results in centrifugation for being too spun. It can be damaged or destroyed
for various kind of delicate equipment’s in the method. At the same instance, PLCs helps the
controller system about various kind of thing which are working that everything is almost fine
(Kenney, 2015). It ultimately makes the whole thing difficult and what is going too late. Stuxnet
software has been designed for attacking only some specific targets and so there is no way to
considered too technical blockbuster in the malware. It caused little or even no harm to various

5ENTERPRISE SECURITY ASSIGNMENT
system and networks which does not meet some of the particular requirement. The worm has
been designed in such a way that it can easily insert itself in some system where Siemens
software could not be found. It would infect the system from any kind of spreading of worm to
three others. It is considered to be first malware which has been discovered for subverted
industrial system (Rubin, 2016). There is large number of hardware computers which are used in
various industrial computers that are not internet connected.
Stuxnet worm mainly incorporates in the various level of propagation with the ultimate
goal of reaching and infecting the various project files (Kim & Lee, 2015). It is used in the
program from the PLC devices. For the beginning purpose, the worm manly targets the computer
which runs on Windows operating system. It does not work through any kind of flash drive. PLC
itself is not windows based system but rather it is a machine language device. Stuxnet mainly
changes a window computer so that they can get computer which can manage PCL. Stuxnet
comes up with various routine which is needed for identifying various PLC model (Baylon,
2017). This particular model helps in analyzing machine level instruction which will vary on
various PLC devices.
3. Impact of implementing security frameworks
Stuxnet is one of the most significant malware that had affected the functional
development of the activities within the information system (Carrara & Adams, 2016). The
management of the security activities was required with the utilization and forming the
significant improvement of the factors. The factors for the development had been implied with

6ENTERPRISE SECURITY ASSIGNMENT
the improvement of the successful management operations (Bambauer, 2014). The development
of the successful management activities had been aligned with the utilization and development of
the improved information management. The framework of SABSA, TOGAF, or C4ISTAR can
be implied for developing the effective formation and improvement. The use of the security
frameworks has been helpful for improving the utilization and development of successful
information management (Massacci, Ruprai, Collinson & Williams, 2016). The benefits of
implementing these frameworks are given below,
Operation Management: Stuxnet is a malicious virus developed for impacting the
continuation and development of the successful information management (Chen, 2014). The use
of the SABSA, TOGAF, and C4ISTAR frameworks has been helpful for implying with the
management of the successful development. The improvements had been helpful for listing the
improvements and managing the successful management process. The management of the
information had been implied for listing the probable development and information management.
The development of the improved functional development had been implied with the
continuation of security frameworks (Army, 2017). The management of the successful project
development and eased with the listing of the activities. The operation development has been
helpful for taking care of the information management and deploying the successful management
of the factors. The profit generation has been eased with the continuation of the probable
development of the information management. The successful integration of the activities has
been implied with the continuation of the improved operations for Iranian’s nuclear research
organization. The information management would help them in keeping the malicious software
away from the network (Farnsworth, 2015). The listing of the probable management of the
activities was helpful for the formation management and listing of the information management.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

7ENTERPRISE SECURITY ASSIGNMENT
Pace of Operations: The pace of the operations had been successfully implied with the
improvement of the successful operations and developing faster activities. Stuxnet is responsible
for slowing the development of the successful information management (Kim & Lee, 2015).
There is a proper threat of information attack and misuse of the information. It has resulted in
forming the major setback in listing the successful management processing. The increment of the
pace of information has been eased with the utilization and development for the successful
management. The activities had been implied with the utilization of the activities and improving
the significant development management. The use of the SABSA, TOGAF, and C4ISTAR had
been developed for successful alignment of the information management (Yannakogeorgos &
Tikk, 2016). The framework had been implied with the improve management of the information
development. The increase of the pace of operations had been helpful for increasing the
improvement of the factors for the listing of the successful information development. The
frameworks would allow the listing of the successful information listing of the activities and
forming the management of the information (Baylon, 2017). The allowance of the factors for
development would help in easing the utilization and forming the management of the improved
management process.
Profit Analysis: The use of the SABSA, TOGAF, and C4ISTAR is helpful for easing the
management of the information development (Middleton, 2016). The listing of the probable
development model has been helpful for managing the information and improving the successful
completion of the project activities. The profit analysis had been eased with the simplification
and development for the factorial management. The listing of the information management has
been eased with the development of the successful development factors. The inclusion of the
factors for development had been implied with the formation of the successful information

8ENTERPRISE SECURITY ASSIGNMENT
management (Rubin, 2016). The analysis of the information would also help in keeping track of
the accounting information and forming the successful management of the information
development. The alignment of the information for the development of the improved activities
would keep the track of the data and information aligning with the successful management
activities. The listing of the probable functions would help in forming the probable information
management. The Stuxnet would not be able to indulge into the accounting information due to
the security measures of the frameworks of SABSA, TOGAF, and C4ISTAR (Peagler, 2014). It
would also provide scope for the improvement of the facilities of the development and
involvement of the security breach prevention.
Security Improvement: Stuxnet is the most critical factors causing issues in the
formation of the successive management of the information as it acts as an infiltrator causing the
attack on the system and extracting the information from the system (Virvilis, 2015). The
alignment would result in causing serious damage to the Iranian’s nuclear research operations.
The management of the successful information development had also eased the utilization of the
information. The SABSA, TOGAF, and C4ISTAR framework would allow the uses of the
security framework for preventing the inclusion of the attacks and causing the information
protection (Kenney, 2015). The uses of the successful frameworks had been helpful for keeping
the infiltrators checked and the probable information management. The framework has different
levels of improved security as it would result in listing the probable information alignment. The
successful information prevention would also be helpful for ensuring the improved information
management. The ensuring of the malware prevention would help in keeping information related
to nuclear research protected from the Stuxnet infiltration. The protection would be largely
helpful for keeping the track of the information and alignment for the development (Faily &

9ENTERPRISE SECURITY ASSIGNMENT
Faily, 2018). The listing of the successful management of the information development has been
helpful for aligning the utilization of the successful management of the information.
4. Explanation of UN Charter Article 2(4) and UN Charter Article 51
As stated in UN Charter Article 2(4) in the article by Moore (2015), “All members shall
refrain in their international relations from the threat or use of force against the territorial
integrity or political independence of any state, or in any other manner inconsistent with the
purposes of the United Nations.”
The article has focused on the development and alignment of the successful management
of the information and alignment of the information development. The UN Charter Article 2(4)
had been developed for ensuring the information refraining for the international commencement
(Massacci, Ruprai, Collinson & Williams, 2016). The article had allowed the significant
management of the threat and force prevention from the cyber security threats. The article had
stated that the members of the UN would be bounded by the factor for refraining of the analysis
of the information from the network. The information development had formed the major factors
in listing the development of the improved function development. The UN has declared that the
nations are not to threat or attack any other state by political or territorial means. The article has
helped in integrating the information and possible listing of the successful development
management. The inconsistent development of the information has been implied with the
continuation of the successful development management. The analysis had been done for making
sure that the UN states do not fight among each other (Howser & McMillin, 2014). The analysis
had resulted in forming the major communal harmony development for the states of the UN

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

💎 Try AI Paraphraser

10ENTERPRISE SECURITY ASSIGNMENT
organization. Each of the information management had been helpful for making sure that the
people of UN lives in harmony.
As stated in UN Charter Article 51 in the article by Moore (2015), “Nothing in the
present Charter shall impair the inherent right of individual or collective self-defence if an
armed attack occurs against a Member of the United Nations, until the Security Council has
taken measures necessary to maintain international peace and security. Measures taken by
Members in the exercise of this right of self-defence shall be immediately reported to the Security
Council and shall not in any way affect the authority and responsibility of the Security Council
under the present Charter to take at any time such action as it deems necessary in order to
maintain or restore international peace and security.”
The UN Charter Article 51 had been done on the forming the inherent development of the
successful development and formation (Massacci, Ruprai, Collinson & Williams, 2016). The
charter documents had been aligned with the successful integration and development of the
successful development. The alignment had been done for making individual right development
for the collection of the self defence development. The listing of the probable management
acceptance had been implied with the utilization and development of information management.
The UN council has formed the strict development factors for improving the utilization of the
threat and force prevention from the cyber security threats (Howser & McMillin, 2014). The
article had stated that the members of the UN would be bounded by the factor for refraining of
the analysis of the information from the network. The article was developed for preventing the
possibility of international chaos and reserving the rights for the improvement facilities. The
analysis had been done for making sure that the UN states do not fight among each other. The
analysis had resulted in forming the major communal harmony development for the states of the

11ENTERPRISE SECURITY ASSIGNMENT
UN organization (Carrara & Adams, 2016). Each of the information management had been
helpful for making sure that the people of UN lives in harmony.
Conclusion
The information provided in this report had been done by considering the listing of the
factors of development and successful alignment of the improved development model. The
Stuxnet had been considered in this report for the development of the successive information
management. The study had resulted in taking care of the provisional development model. The
information development had also been helpful for taking care of the information development.
The assignment had included the development of the affective and improved functional
development. The security frameworks of SABSA, TOGAF, and C4ISTAR had been developed
for successful alignment of the information management. The framework had been implied with
the improve management of the information development. The benefits of implementing these
frameworks were operation management, increment of pace of operations, thorough profit
analysis, and security improvement for the Iranian’s nuclear research organization. The
protection had been largely helpful for keeping the track of the information and alignment for the
development. The SABSA, TOGAF, and C4ISTAR security framework had comprised of many
elements for preventing the inclusion of the attacks and causing the information protection. It
had even been helpful for keeping track of information and developing the successful
development of the improved functional development.

12ENTERPRISE SECURITY ASSIGNMENT
References
Army, U. S. (2017). US Army War College Information Operations Primer-Fundamentals of
Information Operations-Botnet, Stuxnet, Cyber Warfare, NSA, Service Organizations.
Bambauer, D. E. (2014). Schrodinger's Cybersecurity. UCDL Rev., 48, 791.
Baylon, C. (2017). Lessons from Stuxnet and the Realm of Cyber and Nuclear Security:
Implications for Ethics in Cyber Warfare. In Ethics and Policies for Cyber
Operations (pp. 213-229). Springer, Cham.
Carrara, B., & Adams, C. (2016, June). A survey and taxonomy aimed at the detection and
measurement of covert channels. In Proceedings of the 4th ACM Workshop on
Information Hiding and Multimedia Security (pp. 115-126). ACM.
Chen, T.M., 2014. Cyberterrorism after Stuxnet. ARMY WAR COLLEGE CARLISLE
BARRACKS PA STRATEGIC STUDIES INSTITUTE.
Du, J., Zhang, J., He, T., Li, Y., Su, Y., Tie, F., Liu, M., Harte, P.J. & Zhu, A.J., (2016). Stuxnet
Facilitates the Degradation of Polycomb Protein during Development. Developmental
cell, 37(6), pp.507-519.
Dyson, T., (2014). 2 European precision strike capabilities. Precision Strike Warfare and
International Intervention: Strategic, Ethico-Legal and Decisional Implications, p.33.
Edwards, C.I.P.M., (2014). An analysis of a cyberattack on a nuclear plant: The stuxnet
worm. Critical Infrastructure Protection, 116, p.59.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

13ENTERPRISE SECURITY ASSIGNMENT
Faily, S. & Faily, S., (2018). Case Study: Defending Critical Infrastructure Against
Stuxnet. Designing Usable and Secure Software with IRIS and CAIRIS, pp.155-175.
Farnsworth, T. (2015). Countdown to Zero Day: Stuxnet and the Launch of the World's First
Digital Weapon. Arms Control Today, 45(2), 35.
Howser, G. & McMillin, B., (2014), June. A modal model of Stuxnet attacks on cyber-physical
systems: A matter of trust. In Software Security and Reliability (SERE), (2014) Eighth
International Conference on (pp. 225-234). IEEE.
Karch, F., (2016). Stuxnet Recruits the Proteasome to Take Down Polycomb. Developmental
cell, 37(6), pp.485-486.
Kenney, M., (2015). Cyber-terrorism in a post-stuxnet world. Orbis, 59(1), pp.111-128.
Kim, B. J., & Lee, S. W. (2015). Conceptual framework for understanding security requirements:
A Preliminary study on Stuxnet. In Requirements Engineering in the Big Data Era (pp.
135-146). Springer, Berlin, Heidelberg.
Massacci, F., Ruprai, R., Collinson, M., & Williams, J. (2016). Economic impacts of rules-
versus risk-based cybersecurity regulations for critical infrastructure providers. IEEE
Security & Privacy, 14(3), 52-60.
Middleton, A. (2016). Stuxnet: The World's First Cyber... Boomerang?. Interstate-Journal of
International Affairs, 2015(2).
Peagler, J. (2014). The Stuxnet Attack: A New Form of Warfare and the (In) Applicability of
Current International Law. Ariz. J. Int'l & Comp. L., 31, 399.

14ENTERPRISE SECURITY ASSIGNMENT
Rubin, W. (2016). Waging Wars in Cyberspace: How International Law On Aggression And
Self-Defense Falls Short Of Addressing Cyber Warfare. Could Iran Legally Retaliate For
The Stuxnet Attack? (Doctoral dissertation, Oberlin College).
Virvilis, N. (2015). Fighting an unfair battle: Unconventional defences against sophisticated
threats.
Yannakogeorgos, P. A., & Tikk, E. (2016, October). Stuxnet as cyber-enabled sanctions
enforcement. In Cyber Conflict (CyCon US), International Conference on (pp. 1-6).
IEEE.

1 out of 15

+13062052269

info@desklib.com

Enterprise Security Assignment

Contribute Materials

Secure Best Marks with AI Grader

Paraphrase This Document

Secure Best Marks with AI Grader

Paraphrase This Document

Secure Best Marks with AI Grader

Related Documents

ITNET202A Enterprise Security Assignment 1

Consequences of Iranian Stuxnet Computer Worm on Identity, Access Control, Network Security and Crypto

Enterprise Security Assignment

ITNET202A Enterprise Security Assignment

Stuxnet Worm: A Threat to Cybersecurity

Stuxnet: A Qualitative Risk Analysis and Enterprise Security Architecture