Reference no: EM133325226
Assignment: Case Study Activity Questions
Case Study-1: Utilizing Threat Data and Intelligence
1. What distinguishes an unknown threat from a known threat?
2. What types of controls address risks from unintentional insider threats?
3. Security monitoring has detected the presence of a remote access tool classified as commodity malware on an employee workstation. Does this allow you to discount the possibility that an APT is involved in the attack?
Case Study-2: Utilize Attack Frameworks
1. What type of threat research is best suited to configuring effective firewall rules?
2. What distinguishes an attack framework from an indicator management tool?
3. What elements of an event do the vertices in the Diamond Model represent?
4. What role does TAXII play in indicator management?
Scenario Based Activity: Developing a Network Threat Model
You work for a PR and marketing company that handles highly sensitive information for its high-profile clients. Client records are stored in a database and file system hosted on your private corporate network. As well as client records, this includes media such as photos and videos. Most remote client communications and data transfers take place using a one-to-one encrypted messaging app, but you also accommodate some clients who prefer to use email. A high percentage of your staff work remotely, accessing data and services over a VPN. You are reviewing your security procedures in the light of some high-profile hacks of celebrity data. At this point, you want to understand the attack surface and attack vectors by which your private network could be compromised.
1. What remote access methods could an attacker exploit?
2. Focusing on email, think of how email is processed as it is sent by a remote user and received by your company. What are the attack vectors against the company's email servers? How can these be related to adversary capability, assuming the levels to be advanced (most capable), developed, and augmented (least capable)?
3. What comes next in the chain of processing incoming email, and what attack vectors can adversaries exploit at that stage?
4. What countermeasures can be deployed for each email attack vector?