User Account

All Pages

Describe a layered security approach

Assignment Help Management Information Sys
Reference no: EM132254262

Case Study: The Distributed Denial of Service Attack

A recently distributed denial of service attack (DDoS) against a large DNS service provider showed the weaknesses inherent in the Internet domain name system. On October 21, 2016, during the early morning hours, users on the East Coast found difficulty in connecting with Amazon, Wired, the New York Times, and other websites.

The issues stemmed from the inability to lookup the IP addresses of these websites from the large DNS infrastructure company "DYN," located in New Hampshire. DNS is the phonebook for the Internet, allowing computers to change a human readable name such as "Amazon," seen in the web browser, to a machine-readable IP address, which in turn is used to connect to the remote server by the local computer.

Without the ability to lookup names and convert them to routable IP addresses, the human user would have to enter in the IP address by hand number by number, and thus destroy the usability of the Internet. This attack had three waves: the first at 7 a.m. EST, then early noon, and again at 4 p.m. EST. What was of interest was the size of the waves of attacks numbering in the tens of millions of devices sending numerous connections as well as the sources-webcams and DVRs.

had been unleashed by malicious actors was a botnet virus that targeted the Internet of Things devices (i.e., home security systems webcams, DVRs, and other "things"), which the owners left set to their default passwords. Once the botnet virus, called "Mirai," had spread throughout home user's network, all was ready for the call to attack by the command and control server against any target the hackers wanted.

The "DYN" attack and similar outages brings into focus three areas of concern to the security professional: legacy protocols (DNS) that were not designed with security as an integral aspect; the lack of accountability of service providers who transport malware and attack traffic; and finally, lack of responsibility by manufacturers and users to secure devices that have the potential to massively compromise our daily life.

The case is based on Newman, L. H. (2016, October 21). What We Know About Friday's Massive East Coast Internet Outage.

1. Describe a layered security approach that would prevent such a DDoS attack.

2. What measure could have allowed earlier detection of such an attack from the service provider and home networks?

With PGP, Phil Zimmermann experienced resistance from the U.S. government before being allowed to distribute it. Do an Internet search to find additional information about Zimmermann's case. Then, in a 1- to 2-page group report, perform the following:

Provide at least three reasons for this resistance.

Provide references for each of the three reasons that justify the concerns of the government as legitimate.

Identify the individual contributions of each member of the group.

Your report should be written in APA style.

Reference no: EM132254262

Questions Cloud

Statements is true regarding work? team : Which of the following statements is true regarding a work? team? In a? workgroup, _______________________.
Prove that regular languages are not closed : Prove that regular languages are not closed under subset. (if L is regular and L'?L, we cannot conclude L' is regular).
Describe cloud computing and the benefits : 1. Describe cloud computing and the benefits of the cloud to businesses. Describe Iaas, Paas, and Saas. What are the differences between the three.
Define the impact of language impairment on social skills : Observe and interview one or more certified K-8 classroom teachers about language and speech disorders and appropriate interventions.
Describe a layered security approach : What measure could have allowed earlier detection of such an attack from the service provider and home networks?
Different cryprtographic schemes and algorithms : What are the different methods used to exchange and distribute the keys involved in the different cryprtographic schemes and algorithms. Explain each
Provide a precise definition for motivation : Provide a precise definition for motivation. What can a manager do to improve their employees' motivation?
What is vertical integration : What is vertical integration? Give one example of backward and forward integration. Describe vendor managed inventory
Determine the cardinality ratio : Determine the cardinality ratio for each intuitive relationship shown below, Example Answers: (1:1), (1,M), (M,1), (M,N) and explain why:

Reviews

Write a Review

Management Information Sys Questions & Answers

  Identify ways that the organization can maintain its risk

Identify the organization's exposure to internal and external threats. Identify ways that the organization can maintain its risk.

  Determine what your main security consideration for method

Determine which three (3) attacks you want to include in your presentation and provide a brief description of each.

  Which has caused a shift in your revenues

Analyze economic theories that are germane to your provision of services and identify one theory that might apply to this specific situation.

  Why should we create mail marketing campaign for business

Why should we create mail Marketing campaign for our business (the important of the MailChimp tool).

  Research proposal on cloud computing

The usage and influence of outsourcing and cloud computing on Management Information Systems is the proposed topic of the research project.

  What do you conclude about the economic feasibility

For what types of disasters would you need to create a business recovery plan? Ideas may be found athttp://www.ready.gov/be-informed. What parts and processes of your business would you duplicate offsite in order to recover swiftly after a disaste..

  Define what is meant by it project portfolio

Define what is meant by IT "project portfolio", and differentiate it from project management. Describe briefly the process by which executive management evaluates proposed projects, potentially accepting them into the active set of projects in exe..

  Design of the website for mobile devices

Purpose and goals of a mobile self-service.Resources necessary to achieve the desired outcome.Design of the Website for mobile devices.

  Articles on health information security

Articles on Health Information Security - The solution shows three articles with brief abstract and links about the security of health information.

  Discuss about the is strategic plan

Using the IS alignment work and the financial analysis from, submit a complete IS strategic plan. Your paper should include at least 5 references from peer-reviewed journals associated with how other companies are using the technologies you are re..

  What business benefits did the companies achieve

Identify two decisions at the organizations described in this case that were improved by using big data and two decisions that big data did not improve.

  What problems would arise in the organization

Formal systems are generally defined by messages arriving from external parties, suppliers, customers, regulatory agencies, and financial institutions. Informal systems augment formal systems since people generally need to engage in informal commu..

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd