Identify a scenario where two instances of suspicious intrusive activities were
Question
Identify a scenario where two instances of suspicious intrusive activities were detected in a computer information system. The two activities might or might not be of the same type (i.e., spam, phishing, DOS, etc.).
Briefly describe the scenario. For each activity, how would you determine if it was legitimate network traffic or an attack?
Next, suppose you have discovered that one of the two instances of activities in the above scenario was an attack.
1. Explain if it’s an attack against confidentiality, integrity, or availability and explain the level of impact of the attack.
2. How would you determine the motivation of the attacker, and what other types of attacks might you need to anticipate based on that motivation?
3. What countermeasures would you develop to defend against the anticipated attacks based on that motivation?
Explanation / Answer
Confidentiality, integrity, and availability are together known as the CIA triad.
Confidentiality:
Confidentiality is roughly equivalent to privacy. Measures undertaken to ensure confidentiality are designed to prevent sensitive data from reaching the wrong people, while ensuring that the right people can in fact get it: access should be restricted to those authorized to view the information in question. It is also common for data to be classified according to the amount and type of damage that could be done should it fall into unintended hands. More or less stringent measures can then be implemented according to those categories.
Sometimes safeguarding data confidentiality may involve special training for those privy to such documents. Such training would typically include the security risks that could threaten this data. Training can help familiarize authorized people with risk factors and how to guard against them. Further aspects of training can include strong passwords and password-related best practices, and information about social engineering methods, to prevent them from bending data-handling rules with good intentions and potentially unfortunate results.
Integrity:
Integrity involves maintaining the consistency, accuracy, and trustworthiness of data over its entire life cycle. Data must not be modified in transit, and steps must be taken to ensure that data cannot be altered by unauthorized people (for example, during a breach of confidentiality). These measures include file permissions and user access controls. Version control may be used to prevent erroneous changes or accidental deletion by authorized users from becoming a problem. In addition, some means must be in place to detect any changes in data that might occur as a result of non-human-caused events such as an electromagnetic pulse or a server breakdown. Some data may include checksums, even cryptographic checksums, for verification of integrity. Backups or redundancies must be available to restore the affected records to their exact condition.
Availability:
Availability is best ensured by rigorously maintaining all hardware, performing hardware repairs immediately when needed, and maintaining a correctly functioning operating system environment that is free of software conflicts. It is also important to stay current with all necessary system upgrades. Providing adequate communication bandwidth and preventing the occurrence of bottlenecks are equally important. Redundancy, failover, RAID, and even high-availability clusters can mitigate serious consequences when hardware problems do occur. Fast and adaptive disaster recovery is crucial for the worst-case scenarios; that capability depends on the existence of a comprehensive disaster recovery plan (DRP). Safeguards against data loss or interruptions in connections must include unpredictable events such as natural disasters and fire. To prevent data loss from such occurrences, a backup copy may be kept in a geographically isolated location, perhaps even in a fireproof, waterproof safe. Additional security equipment or software such as firewalls and proxy servers can guard against downtime and unreachable data due to malicious actions such as denial-of-service (DoS) attacks and network intrusions.
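The integrity measures described above (cryptographic checksums to detect changes, backups to restore the exact prior condition), shown as an added Python example that is not part of the original answer. The key, directory layout, file names and record contents are constructed for illustration.

```python
import hashlib
import hmac
import shutil
import tempfile
from pathlib import Path

KEY = b"constructed-demo-key"  # assumption: in practice stored off the monitored host

def checksum(path: Path, key: bytes = KEY) -> str:
    """Keyed SHA-256 (HMAC), so whoever alters a file cannot simply recompute it."""
    return hmac.new(key, path.read_bytes(), hashlib.sha256).hexdigest()

def build_baseline(root: Path) -> dict:
    """Record a checksum for every file under root, keyed by relative path."""
    return {str(p.relative_to(root)): checksum(p)
            for p in sorted(root.rglob("*")) if p.is_file()}

def verify(root: Path, baseline: dict) -> dict:
    """Compare current state with the baseline: modified, missing and new files."""
    current = build_baseline(root)
    return {
        "modified": sorted(n for n in baseline if n in current
                           and not hmac.compare_digest(baseline[n], current[n])),
        "missing": sorted(n for n in baseline if n not in current),
        "unexpected": sorted(n for n in current if n not in baseline),
    }

def restore(root: Path, backup: Path, report: dict) -> None:
    """Bring modified or missing files back to their exact backed-up condition."""
    for name in report["modified"] + report["missing"]:
        (root / name).parent.mkdir(parents=True, exist_ok=True)
        shutil.copy2(backup / name, root / name)

def demo() -> tuple:
    """Constructed sample: one record altered and one deleted after the baseline."""
    with tempfile.TemporaryDirectory() as tmp:
        live, backup = Path(tmp, "live"), Path(tmp, "backup")
        live.mkdir()
        (live / "payroll.csv").write_text("alice,5000\n")
        (live / "audit.log").write_text("login ok\n")
        shutil.copytree(live, backup)                      # the backup copy
        baseline = build_baseline(live)
        (live / "payroll.csv").write_text("alice,9000\n")  # unauthorized change
        (live / "audit.log").unlink()                      # deletion
        report = verify(live, baseline)
        restore(live, backup, report)
        return report, verify(live, baseline)
```

`demo()` returns the report taken before the restore and the one taken after it; the second is empty because the restored files match the baseline again.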