Academic Integrity: tutoring, explanations, and feedback — we don’t complete graded work or submit on a student’s behalf.

IT 380 Module Two Case Study Analysis Guidelines and Rubric Overview: This case

ID: 3875454 • Letter: I

Question

IT 380 Module Two Case Study Analysis Guidelines and Rubric Overview:

This case study will help you analyze a cybersecurity scenario and identify which tenets were violated. Each skill in this paper is an essential part of the final project and the accompanying milestones in this course.

Prompt: Use the information provided in the scenario to analyze the cybersecurity occurrence and determine which tenet(s) were violated. The required resources for this module detail a scenario at RSA that is similar to the one you will analyze for this assignment. Review each module resource and analyze the security breach that occurred with RSA. Note similarities between this example and the provided scenario for this assignment.

Scenario: In late May of 2011, LockheedMartin was targeted by a cyberattack. LockheedMartin claimed that they discovered the attack early and reacted quickly, with the result that no real harm was done. The basis for this breach was with twofactor authentication, where a “factor” in authentication can be something you know, something your are, or something you have. A twofactor authentication system requires you to present instances of two of these three to authenticate with a system. LockheedMartin employed a twofactor authentication system that combined a password (something you know) with SecurID, a system produced by RSA labs that provides the “something you have” factor.

A SecurID is a small key fob that displays a number, which changes every 60 seconds. Each key fob has a unique number called its seed, which determines what number is shown in the fob at any given point in time. The server stores your username, password hash, and the seed value for your key fob, and this allows it to determine what number is showing on your key fob (as the fob is synched with your account). When you authenticate, you enter your username and regular password, then you look at the key fob and enter in the number shown there. The authentication server knows what number should be shown at that time on the key fob, and so can verify that the key fob is indeed a thing you have. This is called a onetime password (OTP) system.

In March of 2011, someone attacked RSA with a relatively unsophisticated phishing attack with an attached Excel file with embedded code that exploited a zero day vulnerability in Adobe Flash.

This enabled attackers to set up a “backdoor”—a way for them to get into the computer—where the attackers were able to steal from RSA the seed values of SecurID key fobs.

In late May of 2011, the attack moved to LockheedMartin, where attackers managed to get a keylogger onto a company system. The keylogger recorded the username, password, and SecurID OTPs used by the victim when he or she authenticated, along with the date and time of the log in.

Twofactor authentication is designed for just this kind of scenario. The attacker cannot authenticate because knowing the username, password, and an old OTP is not enough; the current OTP is required. However, these attackers stole seed values. For a given seed value and date/time, they could calculate the number the key fob with that seed value would display at that date and time. All the attackers had to do was to write a program that would compute, for every stolen seed value, the number that would have been showing at the date and time the keylogger recorded the victim’s login. Once they found a match with the OTP the keylogger recorded, they would have matched a seed value with a username. This appeared as if the attackers actually had the key fobs themselves.

Critical Elements Your paper should include these critical elements:

Identification of cybersecurity tenets that were violated and rationale of cause

Analysis of cybersecurity occurrence and data defense

Recommendation of best practices to prevent further recurrence

Rubric Guidelines for Submission: Your paper should be submitted as a 2 to 3page Microsoft Word document with double spacing, 12point Times New Roman font, and oneinch margins. All sources must be cited in APA format if used.

Explanation / Answer

ANSWER:- Identification of cybersecurity tenets that were violated and rationale of cause

Analysis of cyber security occurrence and data defense

Mr. Martin had to work under CIS Control 4 i.e. Continuous Vulnerability Assessment and Remediation methods which causes the failure in regular acquire, assess, and taking action on new data in respect to identify vulnerabilities with remedies along with leaving minimum space for attackers/hackers .

These are main points which were to be handled securely by Mr. Martin:-

Recommendation of best practices to prevent further recurrence

The recommendations for the same are given below:-

Related Questions

ISCUSSION QUESTIONS S 12-1 Using the \"4A\'s\" framework in Figure 12.1, analyze
Question #417479
ISD 16-17 Communication Applications OC > Unit 4 Post Test Question 2 of 5 Instr
Question #3468740
ISD 16-17 Communication Applications OC> Unit 2 Post Test Maicn tne omerens teea
Question #3469727
ISDN is a popular data networking service offered by an Internet Service Provide
Question #3850741
ISE 2nd collegical Land Ueits Name Section EXERCISE 26 PROBLEMS-PART I Isine the
Question #292246
ISE 9-2 Sales and Production Budget ILO2] The marketing Rg department of Graber
Question #2583243
ISE Ion selective electrode determination of fluoride Section Give brief answers
Question #489407
ISEN 3710 Engineering Statistics 1. A production manager has data on three machi
Question #3043436
Hire Me For All Your Tutoring Needs
Integrity-first tutoring: clear explanations, guidance, and feedback.
Drop an Email at
drjack9650@gmail.com
Chat Now And Get Quote

Navigate

Previous
IT 342 Assignment 8 Due: 10 Apr 2018 1. If you have a system with multiple disk
Next
IT 420 Fall 2017 Homework 1 Note: Where applicable, units of the solution must b

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.