Question

Class: CCSI-360

WEEK 3: CYBER ATTACK COUNTERMEASURES

What protection measures can be employed by an organization to protect its information technology infrastructure from both internal and external threats?

Answer 1

1. Access information vulnerabilities

Infiltration testing tools can be received to check the vulnerabilities or feeble regions in the product development pipelines. Introduce IDS (Intrusion Detection System) so the company can be alarmed if there is suspicious action on any of the system.

2. Continuous Monitoring of the Databases

Screen all database get to movement and utilization designs continuously to recognize information spillage, unapproved SQL and huge information exchanges. Distinguish and characterize delicate information. Send solid client confirmation and stay up with the latest.

3. Compute Risk Scores

Regular Vulnerability Scoring System is one of the methods to catch the vulnerabilities and produce a numerical score which mirrors its seriousness. The numerical scores further gets converted into the subjective estimation like low, medium, high or basic. This gives the associations a greater image of their information helplessness.

4. Team Training

Train your workforce on the most proficient method to perceive regular digital dangers (for example a lance phishing assault). Try not to open messages from baffling senders. Advance a security cognizant work culture. Alert them about social building assaults and not be the injured individual by clicking without considering, simply to straighten something up. Square vindictive web demands.

5.  Remove excessive privileges

The database privileges should not exceed the requirements of the job function. Which person gets what privilege should be thought of beforehand. Also, if the ex-employees depart on bad terms, the privileges can be used for bringing damage and the data can be used to bring a loss to the company.

6. Evacuate over the excess privilege

The database benefits ought not surpass the prerequisites of the activity work. Which individual gets what benefit ought to be thought of previously. Additionally, if the ex-representatives withdraw on terrible terms, the benefits can be utilized for bringing harm and the information can be accustomed to convey a misfortune to the organization.

7. Encode Data

Encryption verifies information by utilizing extraordinary numerical calculations to change over the information into mixed code before transmission. The information is decoded when an approved client gets to it. Right now, encryption is a standout among the most well known and successful information security techniques utilized by associations.

8. Step to Cloud Services

Cloud-based structures are more catastrophe tolerant to secure information. The manner by which information is encrypted additionally builds its security.