Reference no: EM131497327
Scenario Assignment
In your role as a highly paid consultant, you are given a list of potential threats to and vulnerabilities of the current communication security protocols of an organization. You are asked to provide quantitative data to measure the likelihood that any of these threats will actually occur for the information assets of the client. Conduct research and describe resources you found that might provide insight into measuring the likelihood that some of the threats would actually occur. In the explanation, include whether you see a trend in resources that might indicate a specific industry is particularly involved in gathering this kind of data. Additionally, evaluate which communication security protocols are more effective and provide an explanation.
Prompt: In your role as a highly-paid consultant, you are given a list of potential threats to and vulnerabilities of the current communication security protocols of an organization. You are asked to provide quantitative data to measure the likelihood that any of these threats will actually occur for the information assets of the client. Conduct research and describe resources you found that might provide insight into measuring the likelihood that some of the threats would actually occur. In the explanation, include whether you see a trend in resources that might indicate a specific industry is particularly involved in gathering this kind of data. Additionally, evaluate which communication security protocols are more effective and provide an explanation.
List of Possible Threats/Vulnerabilities
• Spoofing is attempting to gain access to a system by using a false identity. This can be accomplished using stolen user credentials or a false IP address. After the attacker successfully gains access as a legitimate user or host, elevation of privileges or abuse using authorization can begin.
• Tampering is the unauthorized modification of data, for example, as it flows over a network between two computers.
• Repudiation is the ability of users (legitimate or otherwise) to deny that they performed specific actions or transactions. Without adequate auditing, repudiation attacks are difficult to prove.
• Information disclosureis the unwanted exposure of private data. For example, a user views the contents of a table or file he or she is not authorized to open, or monitors data passed in plain text over a network. Some examples of information disclosure vulnerabilities include the use of hidden form fields, comments embedded in webpages that contain database connection strings and connection details, and weak exception handling that can lead to internal system-level details being revealed to the client. Any of this information can be very useful to the attacker.
• Denial of service is the process of making a system or application unavailable. For example, a denial of service attack might be accomplished by bombarding a server with requests to consume all available system resources or by passing it malformed input data that can crash an application process.
• Elevation of privilege occurs when a user with limited privileges assumes the identity of a privileged user to gain privileged access to an application. For example, an attacker with limited privileges might elevate his or her privilege level to compromise and take control of a highly privileged and trusted process or account.
Guidelines for Submission:Your responses must be submitted as four to five pages long excluding references and cover page as a Microsoft Word document with double spacing, 12-point Times New Roman font, one-inch margins, and at least four sources cited in APA format.Make sure you cite if you take a piece of someone's work, very important and your reference should relate to your writing (don't cite a reference because it relates to the course and not this very paper) at least 4 current and relevant academic references. No heavy paraphrasing of others work.
External oil and gas pipeline coating
: EXTERNAL OIL AND GAS PIPELINE COATING SELECTION AND PERFORMANCE - life cycle assessment of current and potential future materials.
|
Develop a swot matrix for yourself
: When constructing a SPACE Matrix, would it be appropriate to use a 1 to 10 scale for all axes?
|
What must coupon rate be on these bonds
: Ponzi Corporation has bonds on the market with 14.5 years to maturity, a YTM of 4.52 percent, What must the coupon rate be on these bonds?
|
Which stage and tool do you feel is most important and why
: Illustrate the strategy formulation framework that includes three stages and nine analytical tools. Which stage and tool do you feel is most important? Why?
|
Describe resources you found that might provide insight
: Conduct research and describe resources you found that might provide insight into measuring the likelihood that some of the threats would actually occur.
|
Develop a space matrix for a firm
: Develop an example SPACE Matrix for a global company that you are familiar with. Include two factors for each of the four axes (SP, IP, SP, and CP).
|
What must the coupon rate be on these bonds?
: What must the coupon rate be on these bonds?
|
Identify the risks involved in project
: Identify the risks involved in project related to cost in the perspective of the customer and analyse the probability of acceptance of such a project by customers.
|
What would be an appropriate sp rating for unilever
: Develop an example BCG Matrix for a company that has three divisions with revenues of 4, 8, and 12 and profits of 5, 3, and 2, respectively.
|