Question
Alabama Life and Casualty Insurance Corporation specializes in underwriting commercial farm policies throughout the southern United States. The company’s Chief Information Officer (CIO) has become increasingly concerned that one of the company’s recent hires, a tech-savvy actuary, is directly accessing several production SQL Server databases using unapproved tools and access methods. Before approaching the employee’s supervisor, he has asked you, as the database administrator, to gather some additional information on the client application, network protocol, and queries that he believes the actuary is using on a routine basis. Your SQL Server 2012 instance is configured for Windows authentication only, and you manage role security using Active Directory. The database server is accessible only from within the Local Area Network (LAN), and no firewalls are present between the server and client applications. Your discussion board assignment is to:
• Describe the potential pitfalls you envision in trying to execute this plan.
• Explain which data elements you think will be most challenging to capture, and why.
Explanation / Answer
The various pitfalls are:
1. Unauthenticated access to data: As there are no firewalls, the information between client and server may be accessed by a third party and data can be corrupted, leading to a denial of service attack where a resource might not be available when the user wants and tries to access it. It can lead to damage to data which must be hidden from the outside world and intruders.
2. SQL injection can be done by a hacker using SQL scripts, posing as a normal user. As a result, there will be a huge threat to the entire database.
Data elements which will be challenging to capture:
1. Since there is no packet inspection, data flowing between client and server might be easily captured by hackers.
2. Important details of the database, like tables, might be accessed by SQL injection, and data related to tables (for example, salary of employee, name) may be hacked and may be misused by the unknown user.
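
An added example, not part of the original question or answer: one way the database administrator in the scenario could collect the client application, network protocol and query text for a single Windows login, using SQL Server dynamic management views available in SQL Server 2012. The login name `CORP\actuary` is a constructed placeholder, and the query assumes the caller holds VIEW SERVER STATE.

```sql
-- Constructed placeholder: replace with the Active Directory login under review.
DECLARE @login sysname = N'CORP\actuary';

SELECT
    s.session_id,
    s.login_name,               -- Windows principal, established by authentication
    s.host_name,                -- workstation name, reported by the client
    s.program_name,             -- application name, reported by the client
    s.client_interface_name,    -- driver or provider, e.g. ODBC or .Net SqlClient
    c.net_transport,            -- Shared memory, Named pipe or TCP
    c.auth_scheme,              -- NTLM or KERBEROS under Windows authentication
    c.client_net_address,       -- source address as seen by the server
    c.connect_time,
    s.last_request_start_time,
    t.text AS most_recent_sql   -- last batch sent on this connection only
FROM sys.dm_exec_sessions AS s
JOIN sys.dm_exec_connections AS c
    ON c.session_id = s.session_id
-- OUTER APPLY keeps the session row even when no statement text is available.
OUTER APPLY sys.dm_exec_sql_text(c.most_recent_sql_handle) AS t
WHERE s.is_user_process = 1
  AND s.login_name = @login
ORDER BY c.connect_time;
```

The result is a snapshot of sessions connected at the moment it runs and shows only the most recent batch per connection, so a routine pattern of queries needs repeated sampling or a server-side trace or Extended Events session. `program_name` and `host_name` come from the client's connection properties, which makes the client application the least trustworthy of the three data elements.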