User Account

All Pages

Identify three potential kinds of ddos attackers

Assignment Help Computer Network Security
Reference no: EM131898221

Part 1: What Would You Do? Scenario #3

The purpose of this exercise is to practice integrating ethics into the decision-making process by addressing Internet crime.

On page 119 of the textbook, review scenario #3. Describe how you would handle this scenario using the five-step decisionmaking

process provided in the textbook. Your response to Part 1 should be at least one page.

3. You are a member of the Human Resources Department of a three-year-old software manufacturer that has several products and annual revenue in excess of $500 million.

You've just received a request from the manager of software development to hire three notorious crackers to probe your company's software products in an attempt to identify any vulnerabilities. The reasoning is that if anyone could find a vulnerability in your software, they could.

This will give your firm a head start on developing patches to fix the problems before anyone can exploit them. You're not sure, and you feel uneasy about hiring people with criminal records and connections to unsavory members of the hacker/ cracker community. What would you do?

Part 2: Case #1 - Defending Against Distributed Denial-of-Service Attacks

The purpose of this exercise is to think critically about ethical considerations for an IT-related scenario on denial-of-service attacks.

On pp. 120-121 of the textbook, analyze Case #1. Answer the discussion questions that follow the case, and reference the specific ethical approaches (see page 22 in the textbook) that inform your answers. Your response to Part 2 should be at least one page.

. Defending Against Distributed Denial-of-Service Attacks A DDoS attack can easily cost an organization tens of thousands of dollars per minute in lost revenue and worker productivity.

In addition, in the fallout from such an attack, an organization may find its customers switching to competitors due to a loss of confidence resulting from the bad publicity. Financial and travel service firms and various e-commerce Web sites are frequent targets of DDoS attacks. During the fall of 2012, powerful DDoS attacks were directed at the Web servers of several major U.S. banks.

The DDoS attack directed 65 Gbps of data traffic at each bank server-the network equivalent of an F5 hurricane-effectively making the server inaccessible to customers. The attack repeated itself at one bank after another. Over the course of a few weeks, Bank of America, Capital One, JPMorgan Chase, PNC Financial Services, Regions Financial, Sun Trust, US Bank, and Wells Fargo were all hit.

Particularly alarming is that the banks were not able to completely fend off the attacks-the attackers simply stopped on their own to avoid being iden- tified. The parties responsible for these attacks have not been positively identified, but suspects include Hamas, an Islamic group called the Izz ad-Din Al-Qassam Cyber Fighters, the hacktivist group Anonymous, cybercriminals based in Eastern Europe, and hackers in Saudi Arabia and Iran.

44 SpaFinder is a spa and wellness company that sells spa, wellness, and beauty gift cards and rewards programs that draw millions of clients to its global network of spas, fitness studios, and wellness practitioners.

45 A recent DDoS attack hit SpaFinder's 24/7 call center, making it impossible for customers to access the Web site to view content, make purchases, redeem gift certificates, or spend rewards points. SpaFinder's Web hosting service was unable to deal with the attack. In desperation, SpaFinder technical support people contacted a DDoS mitigation service company that was able to get their site back up and running in less than 24 hours.

46 DDoS mitigation service organizations monitor clients' network equipment for signs of a DDoS attack. If such an attack is detected, all traffic is rerouted from the client Web site to the service provider over a dedicated high-speed network link for traffic "scrubbing." This process allows the service provider to use powerful servers to inspect the data traffic for anomalies.

All legitimate traffic is forwarded back to the customer for routine processing; all attack traffic is dropped. In addition to contracting with a DDoS mitigation service provider, security experts recom- mend that organizations (1) develop and practice a standard operating procedure to follow in the event of a DDoS attack; (2) maintain contact information for their ISP and hosting providers that includes names and phone numbers for whoever should be contacted during a DDoS attack and what information they will need; and (3) prioritize network services to identify what services could be turned off or blocked if needed to limit the effects of the attack.

Discussion Questions

1. Outline a quantitative approach for justifying the use of a DDoS mitigation service to protect an e-commerce company such as SpaFinder. Can you identify any nonfinancial reasons to subscribe to a DDoS mitigation service? If so, what are they?

2. Identify three potential kinds of DDoS attackers of an e-commerce company such as SpaFinder. What would be the motive for each of these attackers?

3. Do research on the Web to find three DDoS mitigation service providers. How are their services similar? How are they different? Which DDoS service provider do you think is the best?

You will combine both Part 1 and Part 2 together in one document and submit it for grading .

your responses as Part 1 and Part 2. Cite the textbook in APA on a reference page for this assignment. The reference page does not count toward meeting the total page requirement for this assignment.

Reference no: EM131898221

Questions Cloud

Discuss the accounting rules in brief : FASB and the IASB are working on a joint convergence project to bring US GAAP and IFRS revenue recognition rules into alignment.
Occupational outlook handbook : Provide a general summary of the contents of this job information database.
Hiring someone in an entrepreneurial environment : What type of interview would work best when hiring someone in an entrepreneurial environment?
Hr roles in the strategic planning process : Have you ever seen a TED talk or other academic video about examining HR's roles in the strategic planning process?
Identify three potential kinds of ddos attackers : The purpose of this exercise is to think critically about ethical considerations for an IT-related scenario on denial-of-service attacks.
Effectiveness and efficiency of organization : What can you tell me about human resource planning -- in regards to it being a key factor in ensuring the effectiveness and efficiency of organization.
Explore type of market in which select product will compete : Explore the type of market in which your selected product will compete, along with an analysis of competitors and customers.
List the make and model of desired hardware devices : Purpose of Assignment: Electronic spreadsheets are useful tools, especially when creating a business budget. Once a spreadsheet is set up correctly in Excel.
Prepare a formal report to identify new techniques : You have been asked to prepare a formal report to identify new techniques and best practice that could be adopted to improve how key processes are monitored

Reviews

Write a Review

Computer Network Security Questions & Answers

  An overview of wireless lan security - term paper

Computer Science or Information Technology deals with Wireless LAN Security. Wireless LAN Security is gaining importance in the recent times. This report talks about how vulnerable are wireless LAN networks without any security measures and also talk..

  Computer networks and security against hackers

This case study about a company named Magna International, a Canada based global supplier of automotive components, modules and systems. Along with the company analysis have been made in this assignment.

  New attack models

The Internet evolution is and is very fast and the Internet exposes the connected computers to attacks and the subsequent losses are in rise.

  Islamic Calligraphy

Islamic calligraphy or Arabic calligraphy is a primary form of art for Islamic visual expression and creativity.

  A comprehensive study about web-based email implementation

Conduct a comprehensive study about web-based email implementation in gmail. Optionally, you may use sniffer like wireshark or your choice to analyze the communication traffic.

  Retention policy and litigation hold notices

The purpose of this project is to provide you with an opportunity to create a document retention policy. You will also learn how to serve a litigation hold notice for an educational institute.

  Tools to enhance password protection

A report on Tools to enhance Password Protection.

  Analyse security procedures

Analyse security procedures

  Write a report on denial of service

Write a report on DENIAL OF SERVICE (DoS).

  Phising email

Phising email It is multipart, what are the two parts? The HTML part, is it inviting the recepient to click somewhere? What is the email proporting to do when the link is clicked?

  Express the shannon-hartley capacity theorem

Express the Shannon-Hartley capacity theorem in terms of where is the Energy/bit and is the psd of white noise.

  Modern symmetric encryption schemes

Pseudo-random generators, pseudo-random functions and pseudo-random permutations

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd