Reference no: EM132950050, Length: word count: 1000
LAB 1 - CIA and Identity Theft
Confidentiality, Integrity, Availability
Part 1
Within your organization, you have a server called Server1 that is running Windows Server 2008 R2. On Server1, you create and share a folder called Data on the C drive. Within the Data folder, you create a folder for each user within your organization. You then place each person's electronic paycheck in his or her folder. Later, you find out that John could go in and change some of the electronic paychecks and delete others.
Explain which of the CIA components was not followed in this scenario.
The CIA component that failed was Integrity, because the information was not maintained in its expected state: John was able to modify it.
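The scenario in Part 1 comes down to write and delete rights on other users' folders. The following PowerShell sketch is an added example, not part of the original lab: it lists every account that can change or delete files in a per-user folder under `C:\Data` other than that folder's own user. It assumes each subfolder is named after the user's account name and that the accounts in `$allowed` are the expected administrators; both are assumptions to adjust.

```powershell
# Added example. Assumptions: subfolders of C:\Data are named after the
# owning account (e.g. C:\Data\john), and $allowed lists expected admins.
$root    = 'C:\Data'
$allowed = @('BUILTIN\Administrators', 'NT AUTHORITY\SYSTEM', 'CREATOR OWNER')

# Rights that allow altering or removing a paycheck file. 'Modify' and
# 'FullControl' are not listed by name because they also contain read bits;
# masking on the write/delete bits catches them without flagging read-only.
$writeBits = [int][System.Security.AccessControl.FileSystemRights]`
    'Write, Delete, DeleteSubdirectoriesAndFiles, ChangePermissions, TakeOwnership'
# Some ACEs store generic rights instead: GENERIC_ALL and GENERIC_WRITE.
$writeBits = $writeBits -bor 0x10000000 -bor 0x40000000

Get-ChildItem -Path $root | Where-Object { $_.PSIsContainer } | ForEach-Object {
    $folder = $_
    (Get-Acl -Path $folder.FullName).Access | Where-Object {
        # Only Allow entries that carry at least one write/delete bit.
        $_.AccessControlType -eq 'Allow' -and
        (([int]$_.FileSystemRights) -band $writeBits) -ne 0
    } | ForEach-Object {
        $who     = $_.IdentityReference.Value      # e.g. CORP\john
        $account = ($who -split '\\')[-1]          # e.g. john
        # Report anyone who is neither an expected admin nor the folder's user.
        if (($allowed -notcontains $who) -and ($account -ne $folder.Name)) {
            New-Object PSObject -Property @{
                Folder    = $folder.FullName
                Identity  = $who
                Rights    = $_.FileSystemRights
                Inherited = $_.IsInherited
            }
        }
    }
} | Format-Table Folder, Identity, Rights, Inherited -AutoSize
```

An entry such as `BUILTIN\Users` or `Everyone` with `Modify` on every folder, marked as inherited, points to permissions set once on `C:\Data` and never narrowed per user. This checks NTFS permissions only; the permissions on the share itself are a separate setting.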
Part 2
Is it a breach of confidentiality, integrity, or availability? Answer the following questions:
1. How did the 2017 Equifax exposure of 143 million records breach the CIA Triad?
Hackers gained access to systems, and to certain files, by exploiting a website application vulnerability in software that had not been updated on Equifax servers (Wikipedia, June 2021).
2. Downloading what appears to be a legitimate app, a user installs malware that contains keylogging software. What type of breach is the downloading of malware?
The type of malware is spyware, which infects the computer or network and steals information and any other valuable data; however, it is not always illegal software (Malwarebytes website).
3. An email phishing attack results in ransomware, in which the files and folders on a computer are encrypted. What type of breach is ransomware?
Ransomware is a form of malware in which files are encrypted and the organization or person has to pay a ransom to regain access to the data (csoonline.com).
4. How do fake social media accounts breach the CIA Triad?
Confidentiality is a major flaw in social media safety, but depending on how you use the network, you may limit who sees your information. Fake accounts are used to spread propaganda and disinformation, and there is some curiosity about the types of propaganda that are spread and how they are published on social media. Only a few times have the integrity and availability of the system been compromised.
Part 3
What is identity theft and how can you avoid it? Check this link from the American Federal Trade Commission about "Avoiding Identity Theft". Explore the information on the Federal Trade Commission's website and answer the following questions:
• What is identity theft? When someone steals personal information about you without your permission (Oxford Languages).
• How to avoid identity theft? It is unlikely that you will find a way to avoid becoming a victim of identity theft, but there are some steps that bring down the risk of being robbed: safeguard your Social Security number, protect your mobile phone, create strong passwords and change them regularly (April 20, 2022, Experian).
LAB 2 - "Attacks to Gain Unauthorised Access"
Attacks to Gain Unauthorised Access
In this lab you will need to research 10 attack methods to gain an understanding of how unauthorized access is gained:
1. Shoulder Surfing:
2. Social engineering:
3. Malware:
4. Phishing:
5. Malicious links:
6. Brute force:
7. Piggybacking / Tailgating:
8. Packet Sniffing:
9. Weak passwords:
10. Physical theft:
Briefly explain how attackers gain unauthorized access using these attack methods.
Shoulder Surfing: The thief steals personal information by looking over the victim's shoulder (Wikipedia, 2020).
Social engineering: It uses manipulation to trick users into giving away sensitive information.
Malware: A collective term for several forms of malicious software, including viruses, ransomware, trojans, spyware, and other harmful computer programs (Wikipedia).
Phishing: When an attacker sends an email, makes a phone call, or sends a text message to a victim in the hope of tricking them into divulging sensitive information (Wikipedia).
Malicious Link: This is a clickable link inserted within the content of an email. It is used to inject malware into your devices (Wikipedia, 2021).
Brute force: It is an exhaustive search that tries out numerous password combinations until it eventually finds the right one (Wikipedia, 2021).
Tailgating: When someone without access authorization closely follows an authorized person to enter secured premises (blog.mailfence.com).
Piggybacking: An authorized person allows another person to pass through into a restricted area.
Packet Sniffing: A packet sniffer is a piece of computer hardware or computer software used to monitor network traffic; it is used for network troubleshooting (paessler.com).
Weak passwords: A weak password is one that can be guessed quickly by humans.
Physical theft: When someone steals other people's belongings.
LAB 3 - Element 011 "Security Policy"
Security Policy
The establishment of a security policy is critically important to ensure that an organization has the necessary plans and procedures in place to safeguard its information assets. Without an effective policy, many aspects of information security will be unenforceable.
Part 1
Investigate the security policies of Anglia Ruskin University and compare the policies with any other institution/organisation of your choice. The following policies should be highlighted and compared in the investigation.
1. Network and Internet Usage Policy
a. What type of restrictions are placed on the use of the network and Internet?
For a variety of reasons, networks and the internet are used to transport and download sensitive and confidential information. As a result, many people intend to steal or misappropriate data. At Anglia Ruskin University, you must not attempt to alter any connection or configuration without being allowed to by the university, and must not inappropriately extend any wi-fi cable or install any software or hardware (Anglia Ruskin University policy). Meanwhile, Northumbria University has put in place other network security restrictions, such as firewalls, an Intrusion Prevention System, mail and web filtering, and anti-virus. Also, the connection of equipment to the university network must be approved by the IT Security Manager, and users must respect the physical network configuration of University networks. Both universities have created network policies to establish secure systems and protect sensitive data from their users. Likewise, both universities ensure that all components of the CIA triad are fully complied with.
2. Password Policy
a. What are the specific instructions for creating passwords?
Concerning password creation, both universities have created a series of rules, such as a minimum number of characters and the inclusion of letters, numbers and special characters. While Anglia Ruskin University encourages the user to change the password when it has expired, Northumbria University specifies the rule more clearly: change the password every 90 days. Both universities' password policies include not writing the password down and not sharing it with someone else, and not using something obvious such as a name, surname, or dictionary word.
Part 2
After checking examples of policies, you will do some research and write policy statements for an "Email Usage Policy".
Email
• Read communications before sending them to ensure that they are clear and that they do not contain any unintentional discrimination, harassment, or defamation.
• Large attachments and videos should not be sent by email.
• Only open email links and attachments if they come from a trusted source.
• Never respond to spam messages.
LAB 4 - "Digital Forensics Scenario"
Digital Forensics Scenario
Part 1
Search the internet for the standards relating to digital forensics and list each of the standards you think apply.
Identification
Identify acquisition of evidence that preserves the integrity of data collected (CJCSM 6510.01B, 2012).
Preservation
In this phase, the integrity of the data is maintained (guru99.com).
Analysis
In this step, data fragments are reconstructed for analysis and interpretation of the digital evidence discovered at the crime scene (guru99.com).
Documentation
A record of all visible data must be made, and it must be reviewed (guru99.com).
Presentation
In this stage, the analysis from the investigation report is presented alongside demonstrative material such as photographs, tools and graphs (guru99.com).
Part 2
Using the evidence shown in the figure below, write a brief report discussing how you are going to complete your investigation using the three main digital forensic steps:
1. Collecting: In the crime scene investigation, police officers look for evidence. To start with, on the wall next to the entry door there is a mobile-controlled thermostat and, next to it, a written note with the password. On the right-hand side of the wall next to the door is a Home Hub wireless & internet extension. The smart TV is switched on and shows a channel with options to search different media. On the same table is a gaming console, switched off. On the table are an electric car key, a Tesco Clubcard and a Boris bike token; the laptop was disconnected, switched on and showing YouTube. On the sofa lies a tablet with cloud storage and an Oyster card. On the cupboard are different devices: a Wi-Fi router and broadband Home Hub, switched on, and a Vonage telephone, switched on. Through the window, a neighbour can be seen typing at a computer and using Wi-Fi. The phone is on the floor, and the body lying on the floor is wearing a GPS smart watch.
2. Analysing: The devices gathered at the crime scene are reviewed and labelled in the laboratory, searching for relevant information such as times and modification dates, examining and extracting data, correlating the files and installed applications, encryption programs and Facebook profile, examining the user's default storage location, and examining GPS data. Meanwhile, information provided by witnesses helps to clarify the investigation.
3. Presenting: This case is handled through a digital forensic process that involves the examination, extraction, and interpretation of evidence. The evidence is extracted from the devices and the data is analysed. The conclusion of the case is given alongside the proof found in the victim's house.