ZuoTi.Pro
Question

1.Create an after action report Create an After-Action Report for management that describes how Ddos attack...

1.Create an after action report Create an After-Action Report for management that describes how Ddos attack could have occurred after disgruntled employees were fired.

2.Analyze and explain how using specific industry best practices can protect the company network.

3.Determine and explain security measures, in detail, that you would recommend to enhance security.

4.Include how cryptography and authentication can support security.

engineering   Computer-Science   
0 0
Add a comment Improve this question Transcribed image text
Next > < Previous
Sort answers by oldest

Homework Answers

Answer #1

Solution:

1)

The attack could have occurred for the following reasons:-

a.Butter overflow attack-This is one of the most common DOS attacks.Its aim is to send the huge number of traffic to the network which it cannot handle.As a result, it locks up the whole system with such huge request.
b.ICMP Flood-It takes one of the misconfigured networks by sending dummy packets that are going on every machine except a particular machine.After that, this network is triggered to increase the traffic flow.This is also known as the ping of death.
c.SYN flood - This one sends a request to the server but it never completed the handshakes.As a result, this leaves the port opened to be used.

2)

The attack can be stopped by using the following ways:-
a.The company needs to purchase a lot of bandwidth.It prevents the attacker as he cannot jam the network.
b.To have proper detection techniques which will help to identify the difference between legitimate and malicious traffic.
c.Use of throttling and rate limiting technologies can prevent the attack a greater strength.

3)

Security measure which should be taken by the company is
a.First of all the company need to purchase a lot of bandwidth.
b.HAve a proper detection method to identify the traffic.
c.Use of throttling and rate-limiting techniques.
d.Keeping a strong firewall.
e.Have all the antivirus and security features up to date.

4).

Cryptography and authentication can support security

When a data is encrypted, it is done with a particular key and that key is not known to anyone except the user.So for other, the message seems nothing but some meaningless characters.The other end of the user, when supplied with the key, can decode the message and have it.So having an encryption increase the security standard of an organization.

I hope this helps if you find any problem. Please comment below. Don't forget to give a thumbs up if you liked it. :)

0 0
Add a comment
Know the answer?
Add Answer to:
1.Create an after action report Create an After-Action Report for management that describes how Ddos attack...
Your Answer:

Post as a guest

Your Name:

What's your source?

Earn Coins

Coins can be redeemed for fabulous gifts.

Log In

Sign Up

Not the answer you're looking for? Ask your own homework help question. Our experts will answer your question WITHIN MINUTES for Free.
Similar Homework Help Questions

  • The opening case, ‘Hackers Attack the SWIFT Global Banking Network’, discusses breaches in the system of...

    The opening case, ‘Hackers Attack the SWIFT Global Banking Network’, discusses breaches in the system of several banks that are a part of the SWIFT network. The case is an example of the importance of information system controls. Explain some of the security risks associated with information systems as well as some security and control measures that can be implemented to protect against these security risks. Hackers Attack the SWIFT Global Banking Network SWIFT, which stands for Society for Worldwide...

  • Chapter 06 Applied Cryptography 1. How is integrity provided? A. Using two-way hash functions and digital...

    Chapter 06 Applied Cryptography 1. How is integrity provided? A. Using two-way hash functions and digital signatures B. Using one-way hash functions and digital signatures C. By applying a digital certificate D. By using asymmetric encryption 2. Which term refers to the matching of a user to an account through previously shared credentials? A. Nonrepudiation B. Digital signing C. Authentication D. Obfuscation 3. Which term refers to an arranged group of algorithms? A. Crypto modules B. Cryptographic service providers (CSPs)...

  • Option 1: Authentication System For security-minded professionals, it is important that only the appropriate people gain...

    Option 1: Authentication System For security-minded professionals, it is important that only the appropriate people gain access to data in a computer system. This is called authentication. Once users gain entry, it is also important that they only see data related to their role in a computer system. This is called authorization. For the zoo, you will develop an authentication system that manages both authentication and authorization. You have been given a credentials file that contains credential information for authorized...

  • The discussion: 150 -200 words. Auditing We know that computer security audits are important in business....

    The discussion: 150 -200 words. Auditing We know that computer security audits are important in business. However, let’s think about the types of audits that need to be performed and the frequency of these audits. Create a timeline that occurs during the fiscal year of audits that should occur and “who” should conduct the audits? Are they internal individuals, system administrators, internal accountants, external accountants, or others? Let me start you: (my timeline is wrong but you should use some...

  • Management in Action Chapter 11. Please answer application of chapter content 1-5. the snapshot of the...

    Management in Action Chapter 11. Please answer application of chapter content 1-5. the snapshot of the questions WAS uploaded 4. How do you distinguish values from attitudes and behavior? 5. What is the process of perception? 8. What are four types of behavior that managers need to influence? 9. Explain the two dimensions of diversity. 10. What are six sources of stress on the job? Management in Action Does the Financial Services Industry Lack Diversity? Professionals in the financial services...

  • Risk management in Information Security today Everyday information security professionals are bombarded with marketing messages around...

    Risk management in Information Security today Everyday information security professionals are bombarded with marketing messages around risk and threat management, fostering an environment in which objectives seem clear: manage risk, manage threat, stop attacks, identify attackers. These objectives aren't wrong, but they are fundamentally misleading.In this session we'll examine the state of the information security industry in order to understand how the current climate fails to address the true needs of the business. We'll use those lessons as a foundation...

  • CASE STUDY U.S. Office of Personnel Management Data Breach: No Routine Hack The U.S. Office of...

    CASE STUDY U.S. Office of Personnel Management Data Breach: No Routine Hack The U.S. Office of Personnel Management (OPM) is conducted, may have been extracted. Government offi responsible for recruiting and retaining a world-class cials say that the exposure of security clearance irn workforce to serve the American people and is also mation could pose a problem for years responsible for background investigations on pro- spective employees and security clearances. In June the OPM system, and its records were protected...

  • A new version of the operating system is being planned for installation into your department’s production...

    A new version of the operating system is being planned for installation into your department’s production environment. What sort of testing would you recommend is done before your department goes live with the new version? Identify each type of testing and describe what is tested. Explain the rationale for performing each type of testing. [ your answer goes here ] Would the amount of testing and types of testing to be done be different if you were installing a security...

  • IT's About Business 4.1 The Heartbleed Bug What Is Heartbleed? OpenSSL, an open-source software package, is...

    IT's About Business 4.1 The Heartbleed Bug What Is Heartbleed? OpenSSL, an open-source software package, is a popular type of transport layer security (TLS) software (discussed later in this chapter) that secures numerous websites around the world. Web servers use OpenSSL to encrypt sites. Such sites show up in browsers with a “lock” icon and the “https” prefix in the address bar. The encryption protects Internet sites offering banking, shopping, email, and other private communications. Roughly two out of three...

  • Which role has the PRIMARY responsibility for the documentation of control implementation? Systems security engineer Control...

    Which role has the PRIMARY responsibility for the documentation of control implementation? Systems security engineer Control assessor Information System Owner (ISO) Information Owner/Steward When making determinations regarding the adequacy of common controls for their respective systems, Information System Owner (ISO) refer to the Common Control Providers’ (CCP) Privacy Impact Assessment (PIA) Business Impact Analysis (BIA) Authorization Packages Vulnerability Scans An organization-wide approach to identifying common controls early in the Risk Management Framework (RMF) process does which of the following? Considers...

ADVERTISEMENT
Free Homework Help App
Download From Google Play
Scan Your Homework
to Get Instant Free Answers
Need Online Homework Help?
Ask a Question
Get Answers For Free
Most questions answered within 3 hours.
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT