CIS-217ProjectPart2

pdf

School

Georgia Military College *

*We aren’t endorsed by this school

Course

217

Subject

Computer Science

Date

Dec 6, 2023

Type

pdf

Pages

Uploaded by xpexpert8

1 Project Part 2: Security Solutions Name Georgia Military College CIS 217-20101 Cyber Information Security Professor Veal November 5, 2023

2 Georgia Military College has risk and threats just like any other business or college. In order to keep their reputation, staff, and student body safe, countermeasures can be used help prevent attacks, thus protecting Georgia M ilitary College’s assets. Seeing the benefits of these security solutions can be seen by identifying countermeasures to address Georgia Military College’s risk s, how these countermeasures provide confidentiality, integrity, and/or availability, and how they can provide a layered defense. Countermeasures are the methods meant “t o protect computer systems and networks from cyber threat” that can be used to “detect [or] prevent the impact of an attack ” (Scheldt, 2023). Since there is always a risk possibility due to the inevitability of being risk-free, countermeasures are the precautions taken to lessen or avoid damaging attacks. Data breaches, one of the risks that the college faces, are one of the worst attacks that the school can face. Luckily, using countermeasures can be used to ease the mind of this attack by helping to prevent any data breaches. On top of using physical security controls to protect any data that was printed and filed, firewalls and anti-spy software are excellent countermeasures to have when it comes to protecting data that has not been physically stored. Not only can firewalls be used to help prevent data breaches, but if they are added onto the computers on campus then those computers can be protected from human error risk like visiting an unsafe website that opens a way for a virus to enter the software. Countermeasures also need to be applied when referring to the college’s reliability of the internet, or more specifically Moodle. Due to Georgia Military College requiring an internet connection to access class pages, research data bases and more, denial-of- service (DoS) and distributed denial-of-service (DDoS) attacks would be an effective attempt to make Georgia Military College come to a halt. A DoS attack is when a server is overloaded with traffic, which causes the targeted website to shut down. A DDoS is when multiple machines are

3 used to cause a DoS attack at a faster pace. Assuming the attacker would want a fast execution of an attack and that computer labs on campus are not under surveillance, the countermeasures mentioned will focus on the DDoS attack risk. One of the best countermeasures to a DDoS attack is to just be prepared. Most DDoS attacks are used to just shut down and make business come to a halt from the chaos . If Georgia Military College can “ determine how [they] can function should [an] attack limit connections to hardware ” and organize a DDoS response plan, there would be no chaos when the attach happens since they would be ready, thus limiting the impact or damage (“Understanding and Responding, ” 2022). The use of firewalls and VPNs, referred to as a form of network security controls, provides integrity and confidentiality. Both of these tools can lock out those who do not have access to a file, which is how confidentiality is provided, leaving only trusted sources with the data. Since trusted users are the only ones with access to the data and the permissions to make changes, integrity, which “requires that information can only be modi fied by those authorized ,” is provided as well (Fanelli, 2016). Availability is provided when preparing for a DDoS attack. One would make sure that the data that would originally be blocked out from the attack would still be available to access, which provides availability. A layered defense can be viewed as a form of precaution against threats. A layered defense requires multiple layers of access and security controls and the more layers the better. A firewall, on top of being a fine example of how countermeasures can provide integrity and confidentiality, can also be a starting point in a layered defense. By placing an intrusion detection system (IDS) after a firewall, a layered defense has been created. Simply by adding an extra form of protection behind a countermeasure makes “it harder for an attacker to com promise [any] assets” (Kobrick, 2003). Countermeasures also cannot be limited in terms of how many

Your preview ends here

Eager to read complete document? Join bartleby learn and gain access to the full version

Access to all documents
Unlimited textbook solutions
24/7 expert homework help

4 countermeasures are used for creating the layers in a layered defense. Yes, only certain countermeasures are needed depending on what a business needs, but after finding which countermeasures work best, there is no need to pick and choose which ones will be used in a layered defense. In conclusion, solutions to the risk that Georgia Military College faces can be prevented by using countermeasures. By identifying some countermeasures, the risks were given a few solutions to help lessen or avoid damage. Countermeasures are also able to provide the three principles of information security which are confidentiality, integrity, and availability. On top of being able to lessen the blow from risks, countermeasures can be layered on top of each other to provide a layered defense.

5 References Fanelli, R. “ Cyberspace Offense and Defense. ” (2016). Journal of Information Warfare , 15 (2), 53 – 65. https://www.jstor.org/stable/26487531. Kobrick, Jonathan. “NIDS Countermeasures: What, Why, Where, When, and How” (2003). GIAC Certifications. https://www.giac.org/paper/gsec/2757/nids-countermeasures-what- why-where-when/104690. PDF File. Scheldt, Amanda. “What is a countermeasure in computer security?” (2023, August 21). CompTIA . https://www.comptia.org/blog/what-is-a-countermeasure-in-computer- security#school. “Understanding and Responding to Distributed Denial -of- Service Attacks.” (2022). CISA . https://www.cisa.gov/sites/default/files/publications/understanding-and-responding-to- ddos-attacks_508c.pdf. PDF File.

Related Documents

[Lab-Pentest] Metasploit RAT.docx

Practice Q&A Questions.pdf

CIS-217ProjectPart1.pdf

Assignment 5 - Jonatan.pdf

CIS-217ProjectPart3.pdf

Discussion 7 post.docx

F23_HW6_arule_student.docx

6.2.11 Practice Questions.pdf

merkle trree.docx

ques1btree.docx

vertopal.com_mnist_logreg.pdf

ilovepdf_merged (3).pdf

Recommended textbooks for you

Fundamentals of Information Systems

Computer Science

ISBN:9781337097536

Author:Ralph Stair, George Reynolds

Publisher:Cengage Learning

Principles of Information Systems (MindTap Course...

Computer Science

ISBN:9781305971776

Author:Ralph Stair, George Reynolds

Publisher:Cengage Learning

Principles of Information Security (MindTap Cours...

Computer Science

ISBN:9781337102063

Author:Michael E. Whitman, Herbert J. Mattord

Publisher:Cengage Learning

MIS

Computer Science

ISBN:9781337681919

Author:BIDGOLI

Publisher:Cengage

Fundamentals of Information Systems

Computer Science

ISBN:9781305082168

Author:Ralph Stair, George Reynolds

Publisher:Cengage Learning

Management Of Information Security

Computer Science

ISBN:9781337405713

Author:WHITMAN, Michael.

Publisher:Cengage Learning,

SEE MORE TEXTBOOKS

Recommended textbooks for you

Fundamentals of Information Systems
Computer Science
ISBN:9781337097536
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
Principles of Information Systems (MindTap Course...
Computer Science
ISBN:9781305971776
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
Principles of Information Security (MindTap Cours...
Computer Science
ISBN:9781337102063
Author:Michael E. Whitman, Herbert J. Mattord
Publisher:Cengage Learning
MIS
Computer Science
ISBN:9781337681919
Author:BIDGOLI
Publisher:Cengage
Fundamentals of Information Systems
Computer Science
ISBN:9781305082168
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
Management Of Information Security
Computer Science
ISBN:9781337405713
Author:WHITMAN, Michael.
Publisher:Cengage Learning,