Project Part 1: Risks, Threats, and Vulnerabilities Scenario Fullsoft, Inc. is a
Question
Project Part 1: Risks, Threats, and Vulnerabilities
Scenario
Fullsoft, Inc. is a software development company based in New York City. Fullsoft’s software product
development code is kept confidential in an effort to safeguard the company’s competitive advantage in
the marketplace. Fullsoft recently experienced a malware attack; as a result, proprietary information
seems to have been leaked. The company is now in the process of recovering from this breach.
You are a security professional who reports into Fullsoft’s infrastructure operations team. The Chief
Technology Officer asks you and your colleagues to participate in a team meeting to discuss the incident
and its potential impact on the company.
Tasks
Prepare for the meeting by deliberating on the following questions:
• How would you assess the risks, threats, and/or vulnerabilities that may have allowed this
incident to occur, or could allow a similar incident to occur in the future?
• What insights about risks, threats, and/or vulnerabilities can you glean from reports of similar
incidents that have occurred in other organizations?
• What potential outcomes should the company anticipate as a result of the malware attack and
possible exposure of intellectual property?
• Which countermeasures would you recommend the company implement to detect current
vulnerabilities, respond to the effects of this and other successful attacks, and prevent future
incidents?
Part 2: System Hardening
Scenario
After the productive team meeting, Fullsoft’s CTO engages in further analysis and establishes a plan to
mitigate risks, threats, and vulnerabilities. As part of the mitigation plan, you and your team members will
configure baseline security on all workstations. You will ensure that the antivirus software is running
properly, remove unnecessary software and services, and implement a control related to password
hacking attempts. You have been asked to train a new employee by demonstrating how to implement
system hardening on a local workstation.
Tasks
Ensure that you are logged in as an administrator. Using a computer that has Windows 7* installed:
• Review the antivirus program and ensure it is up to date and running a full scan of the system.
• Disable at least five unnecessary services from the default installation of Windows 7.
• Configure audit logging to identify all failed password attempts into the system.
* If possible, complete these tasks using a personal computer with the default installation of Windows
7. If you do not own the necessary hardware and software, consult with your Instructor about
alternatives. After your work on this project is complete, you may need to return the settings to the
previous configuration.
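The service and audit-logging tasks in Part 2, sketched as an added PowerShell example that is not part of the original assignment or answer. The five service names and the sample event record are assumptions chosen for illustration; `auditpol`, `Set-Service` and `Get-WinEvent` are stock Windows 7 tools, and event ID 4625 is the failed-logon record in the Security log.

```powershell
# Added example. Run from an elevated PowerShell 2.0+ prompt (the Windows 7 default).

# --- Services: record the current start mode, then stop and disable ---
# ASSUMPTION: these five names are illustrative candidates; the assignment names
# none. Confirm each one is unneeded on the workstation before disabling it.
$candidates = 'RemoteRegistry', 'Fax', 'SSDPSRV', 'WMPNetworkSvc', 'TabletInputService'
$before = Get-WmiObject Win32_Service | Where-Object { $candidates -contains $_.Name }
$before | Select-Object Name, StartMode, State |
    Export-Csv "$env:USERPROFILE\services-before.csv" -NoTypeInformation  # kept for rollback
foreach ($svc in $before) {
    Stop-Service -Name $svc.Name -Force -ErrorAction SilentlyContinue
    Set-Service  -Name $svc.Name -StartupType Disabled
}

# --- Audit policy: record failed logons (Security event ID 4625) ---
auditpol /set /subcategory:"Logon" /failure:enable
auditpol /get /subcategory:"Logon"

# --- Report: failed logons grouped by target account and source address ---
function Get-FailedLogonSummary {
    param([string[]]$EventXml)
    $rows = foreach ($x in $EventXml) {
        $f = @{}   # EventData fields keyed by their Name attribute
        foreach ($d in ([xml]$x).Event.EventData.Data) { $f[$d.Name] = $d.'#text' }
        New-Object PSObject -Property @{
            Account = '{0}\{1}' -f $f['TargetDomainName'], $f['TargetUserName']
            Source  = $f['IpAddress']
        }
    }
    $rows | Group-Object Account, Source | Sort-Object Count -Descending |
        Select-Object Count, Name
}

# Constructed sample record (not from a real host), trimmed to the fields used.
$sample = @'
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System><EventID>4625</EventID></System>
  <EventData>
    <Data Name="TargetUserName">trainee</Data>
    <Data Name="TargetDomainName">WORKSTATION1</Data>
    <Data Name="IpAddress">127.0.0.1</Data>
  </EventData>
</Event>
'@
Get-FailedLogonSummary -EventXml $sample, $sample

# The same report over the live Security log, once failure auditing is enabled.
$live = Get-WinEvent -FilterHashtable @{ LogName = 'Security'; Id = 4625 } `
    -ErrorAction SilentlyContinue | ForEach-Object { $_.ToXml() }
if ($live) { Get-FailedLogonSummary -EventXml $live }
```

The exported `services-before.csv` holds each service's original start mode, which is what the footnote about returning the settings to the previous configuration needs.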
Explanation / Answer
• How would you assess the risks, threats, and/or vulnerabilities that may have allowed this
incident to occur, or could allow a similar incident to occur in the future?
In order to provide better security and assess the risks and threats, we need a security team and management.
- So that they always manage and maintain the network and network performance by monitoring them daily to avoid risks, threats, and vulnerabilities.
- They always identify, install, and maintain upgrades to the network when there is a requirement.
- They always make sure that every malfunction is troubleshot and repaired.
- They always make sure that user access is working fine with the network.
- They make sure that they keep a backup and disaster recovery plan for a network shutdown or emergency.
- They plan the network infrastructure for new users and new applications and services.
- They train the network team to provide support to end users.
- They always purchase and maintain the networking equipment and infrastructure whenever possible.
- They also integrate mobile devices and laptops into the organization's networks according to the users' requirements to avoid risks and threats.
• What insights about risks, threats, and/or vulnerabilities can you glean from reports of similar
incidents that have occurred in other organizations?
- We may get risks and threats in the future, but we should make sure that we are prepared for any kind of threat or risk.
- For that we need a better security department in order to control and avoid risks, threats, and vulnerabilities.
- Mainly, we will keep track of all the risks and threats that we have faced in the past, and we will make sure to overcome those risks in the future.
- Not only overcoming the risks, but also developing better security cautions and the roles and responsibilities of a security team.
• What potential outcomes should the company anticipate as a result of the malware attack and
possible exposure of intellectual property?
- Adopting the mindset of the IT team to prioritize the most business-critical parts of the network, and using network segmentation to achieve the creation of network zones and limit the ability of a hacker to move laterally across a compromised network.
- Network segmentation requires continual updates and configurations in servers and systems in banks for better security, and they must maintain the difference between a hacker and employees for troubling the computer and helping themselves to the bank's ATM systems.
- It is better to implement an enterprise-wide security policy to serve as a crucial road map for any bank IT team to maintain the security architecture.
- We should protect the bank's systems and find out the best way for the network to operate with minimal risk.
- The security policy should always take into consideration all the regulatory and enterprise compliance that is required and how to apply timely patches to maintain compliance in the business.
• Which countermeasures would you recommend the company implement to detect current
vulnerabilities, respond to the effects of this and other successful attacks, and prevent future
incidents?
- There should be good security policy enforcement, so that the security policy can define how the IT platform behaves and validate that it is being enforced across our network.
- Doing the minimal amount of security precautions and security steps with some regulations won't make our network safer. So organizations must monitor their network for changes to configurations and ensure the changes are approved and compliant with the policy maintained.
- Bank robbers are not committing physical acts in the present day. A new generation of cybercriminals has intimate knowledge of banking systems and their inner workings and is using the vulnerabilities to its advantage.
- So while managing network security can be a complex, resource-intensive task, it is a crucial part for all the senior management, and they can't have an accurate picture of the security posture at all times and they can't have the ability to act quickly to close the gaps in the business.