Task 1. Based on the case study, identify and analyse a

Added on - 21 Sep 2019

Task 1. Based on the case study, identify and analyse at least four (4) components of information security risk management that the Te Mata Estate company could have applied in response to security breaches of its system.

Ans. As mentioned in the case study of the "Te Mata Estate company", one of the employees shared sensitive information with a hacker in exchange for money, so the company needs to follow the components I mention below.

Identify: In this part our aim is to develop an understanding of the cybersecurity risks to systems, people, assets, data and capabilities. Staff members need to be made aware of hacking and of how risky it is to share even a little bit of company data with a stranger. Understanding the business context, current business needs and related risks helps organizations determine threats and prioritize their security efforts.

Protect: Organizations implement appropriate safeguards and security controls to protect their most critical assets against cyber threats. For example, here we can apply an identity management system (like ISE 2.0, Identity Services Engine), which is very popular nowadays, and in parallel apply access control policies on network devices to set privileges, roles and rules, and keep promoting awareness and providing training to staff.

Detect: Organizations need to quickly detect events that could pose risks to data security with the help of a security device such as an IDS (Intrusion Detection System), which helps to quickly detect intrusions on the network (as it is an old technique). Usually organizations rely on continuous security monitoring by monitoring tools, incident detection techniques and remediation tools. Organizations can easily take action against a detected cybersecurity event if they have an automatic prevention system, for example an IPS (Intrusion Prevention System). It not only detects but also prevents unwanted attacks/malware, as it is embedded with AMP (Advanced Malware Protection), which is always connected to the cloud to update the latest signatures of worms etc.

Recover: Organizations develop and implement activities to restore capabilities that were impacted by a security incident, for example by having personal data centre services. This group of activities aims at supporting timely recovery to normal operations to reduce the impact of an attack; it also includes recovery planning and improvements (e.g., introduction of new policies or updates to existing policies). (Reference – CCNP Security SIAS)

Task 2. You are working as a security expert, evaluate whether the Te Mata Estate company has followed the recommended assurance and compliance components in enhancing the system security. At least three (3) components to be evaluated.

Ans. Three components of enhancing the system security are:

1. Confidentiality: When protecting information, we want to be able to restrict access to those who can see it; everyone else should be disallowed from learning anything about its contents. This is the essence of confidentiality. For example, federal law requires that companies restrict unauthenticated users' access to sensitive information. The company must be sure that only those who are authorized have access to view data/files.

2. Integrity: Integrity is the assurance that the information being accessed has not been altered and truly represents what is intended. Just as a person with integrity means what he or she says and can be trusted to consistently represent the truth, information integrity means information truly represents its intended meaning. Information can lose its integrity through malicious intent, such as when someone who is not authorized makes a change in function to intentionally take something down. An example of this would be when a hacker is hired to go into the company's system and launch an attack on the system to downgrade it.

3. Authentication: The most common way to identify someone is through their physical appearance, but how do we identify someone sitting behind a computer screen or any system? Tools for authentication are used to ensure that the person accessing the information is indeed who they present themselves to be. Authentication can be accomplished by identifying someone through one or more of three factors: something they know, something they have, or something they are. For example, the most common form of authentication today is the user ID and password. In this case, the authentication is done by confirming something that the user knows (their ID and password). After successful authentication, the next step is to push an authorization policy with an access list to the user. (Reference CCNA – Secure)

Task 3. a. Select three (3) information security risk management controls and three standards. b. Identify and analyse these six controls and standards, which the Te Mata Estate company could have utilised prior to setting up the information system.

Ans. Three information security risk management controls are:

1. IT Security Policies: This document sets the baseline standards of IT security policy for Government bureaux/departments. It states which aspects are of paramount importance.

2. IT Security Guidelines: This document elaborates on the policy requirements and sets the implementation standard for the security requirements specified in the Baseline IT Security Policy.

3. Security Risk Assessment: This document provides practical guidance and reference for security risk assessment & audit in the Government.

Three information security risk standards are:

1. ISO 27001: This document provides the ISO standard of the requirements for establishing, implementing, maintaining and continually improving an information security management system within the context of the organization.

2. COBIT: The Control Objectives for Information and related Technology (COBIT) is published by the Standards Board of the Information Systems Audit and Control Association (ISACA), providing a control framework for the governance and management of enterprise IT.

3. ITIL: This document introduces a collection of best practices in IT service management (ITSM), focuses on the service processes of IT and considers the central role of the user.

Task 4. Based on the case study, the incident (unethical hacking) which took place in 2008, evaluate how ethical hacking could have helped overcome the Te Mata company system breach.

Ans. First we must go through "What is a hacker, and what are its shades?" Hackers may be good or bad depending upon the intentions or motivation behind their work.

Black Hat Hacker (unethical hacker): A black hat hacker is also known as a cracker. These kinds of hackers possess good knowledge of computer networking, network protocols and system administration, but they are a cause of cybercrime as they hack systems for unethical reasons.

White Hat Hacker (ethical hacker): A white hat hacker is the opposite of the black hat hacker. These hackers possess the same amount of knowledge as black hat hackers, but they use the knowledge in an ethical way, and they are network security professionals, so they are known as ethical hackers. The ethical hacker works according to the ethics of hacking and protects the interests of individuals (like the Te Mata company system) on the internet, as they are cybersecurity professionals. Ethical hacking is the authorized way of gaining permission for the same. Ethical hackers are engaged by an organization to penetrate networks and systems with the purpose of discovering vulnerabilities and fixing them. The role of the ethical hacker is like that of a penetration tester, but they break into the systems legally and ethically. As ethical hacking is done with the permission of the victim or the targeted system, the only way to tackle black hat hacking is to tackle it through ethical hacking.

Task 5. Based on the case study, the security breach that took place in 2011 is an example of a social engineering technique known as phishing. Identify and analyse how phishing takes place and the counter measures that can be applied to protect the company.

Ans. Phishing is a method of trying to gather personal information using deceptive e-mails and websites. Phishing is a cyber-attack that uses disguised email as a weapon. The goal is to trick the email recipient into believing that the message is something they want or need — a request from their bank, for instance, or a note from someone in their company — and to click a link or download an attachment. Phishing takes place with the help of a phishing kit, which bundles phishing website resources and tools that need only be installed on a server. Once installed, all the attacker needs to do is send out emails to potential victims.

But we have counter measures that help to protect against these attacks:

1. Inbound email sandboxing: Deploy a solution that checks the safety of an emailed link when a user clicks on it. This protects against a new phishing tactic that I've seen from cybercriminals. Bad guys send a brand-new URL in an email to their targets to get through the organization's email security. The other tactic is when they inject malicious code into the website right after delivery of the email URL. This URL will get past any standard spam solution.

2. Real-time analysis and inspection of your web traffic
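The time-of-click link check described in countermeasure 1, as an added example that is not part of the assignment: links are rewritten at delivery, and the target is judged against the blocklist as it stands when the user clicks, so a brand-new URL that was unknown at delivery (or a site weaponised after delivery) is still caught. The redirector host, signing key and sample mail are constructed assumptions.

```python
# Added example (not from the assignment): time-of-click link protection.
# Delivery: each URL in the mail body is replaced by a redirector link that carries
# the original URL plus an HMAC, so the redirector cannot be abused as an open
# redirect. Click: the ORIGINAL URL is recovered, the HMAC verified, and the host
# re-checked against the CURRENT blocklist rather than the one known at delivery.
import base64
import hashlib
import hmac
import re
from urllib.parse import parse_qsl, urlsplit

SECRET = b"constructed-demo-key"                  # assumption: real key lives in a KMS
REDIRECTOR = "https://links.example.com/click"    # assumption: hypothetical redirector
URL_RE = re.compile(r'''https?://[^\s<>"']+''')
MAIL = "Please verify your account at https://login-update.example.net/verify today."  # constructed

def _sign(url: str) -> str:
    return hmac.new(SECRET, url.encode(), hashlib.sha256).hexdigest()

def _encode(url: str) -> str:
    return base64.urlsafe_b64encode(url.encode()).decode().rstrip("=")

def rewrite_links(body: str) -> str:
    """Delivery time: replace every URL with a signed redirector link."""
    return URL_RE.sub(lambda m: f"{REDIRECTOR}?u={_encode(m.group(0))}&sig={_sign(m.group(0))}", body)

def resolve_click(click_url: str, blocklist: set) -> tuple:
    """Click time: verify the link, then re-check its target against today's blocklist."""
    qs = dict(parse_qsl(urlsplit(click_url).query))
    token = qs.get("u", "")
    url = base64.urlsafe_b64decode(token + "=" * (-len(token) % 4)).decode()
    if not hmac.compare_digest(_sign(url), qs.get("sig", "")):
        return ("reject", url)            # token or signature tampered with
    host = urlsplit(url).hostname or ""
    if host in blocklist or any(host.endswith("." + d) for d in blocklist):
        return ("block", url)             # verdict uses the blocklist as it is NOW
    return ("allow", url)

def demo() -> dict:
    """Same delivered link, three outcomes: clean at delivery, blocked later, rejected if forged."""
    link = URL_RE.search(rewrite_links(MAIL)).group(0)
    original = "https://login-update.example.net/verify"
    forged = f"{REDIRECTOR}?u={_encode('https://other.example/')}&sig={_sign(original)}"
    return {
        "delivery": resolve_click(link, set())[0],                        # domain unknown yet
        "later": resolve_click(link, {"login-update.example.net"})[0],    # flagged after delivery
        "forged": resolve_click(forged, set())[0],                        # HMAC mismatch
    }

if __name__ == "__main__":
    print(demo())
```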