2-3 Short Response - Breach Analysis Simulation One
2-3 Short Response: Breach Analysis Simulation One
Chris Lawton
Southern New Hampshire University
CYB 250: Cyber Defense
Prof. Nancy McDonnell
July 9, 2023
Reflection on CIA and Data Protection
Data protection is pivotal in today's age, where everything is stored online and attackers are always looking for ways to exploit sensitive data. In this scenario, an attacker is testing the waters by first uploading files to the web server and overloading it. This can help them determine if they can infiltrate your system through the web server. Utilizing the CIA Triad, I believe the tenet that best suits this scenario would be Integrity. Integrity is defined as the assurance that data is free from tampering and is trustworthy. This means the data must be authentic, accurate, and dependable. Since the attacker was able to fill the web server with files, creating a situation of low disk quota, the integrity has been compromised and the attacker will be able to further infiltrate the system if proper measures are not taken immediately. Secure Sockets Layer (SSL) was deprecated in 2015 due to known security vulnerabilities. Two main vulnerabilities include the Heartbleed bug and POODLE SSL. Heartbleed is a bug that can allow attackers to steal your private keys attached to SSL certificates. This can include usernames, passwords, and other sensitive data without leaving any sort of trace. POODLE SSL is a form of man-in-the-middle attack that exploits a vulnerability in the CBC encryption scheme as implemented in SSL 3.0 (ManageEngine, communications@manageengine.com, n.d.). Transport Layer Security (TLS) fixes these vulnerabilities by authenticating more efficiently and continues to support encrypted communication channels.

Incident Response Plan
No matter the size of an organization, security should always be a top priority. This can be done by assuring that the Cyber Incident Response Team (CIRT) is able to manage all situations or attacks. The CIRT's main objective is to respond as quickly as possible to an attack and minimize its impact. The most important thing for any CIRT is to always prioritize training. This is vital in making sure that the team is always up to date on current threats and how to mitigate such attacks in a timely manner. One way to ensure that even a small team is capable of handling anything and everything is to have a proper game plan. This includes outlining roles and responsibilities early so that when attacks arise, everyone knows their role and can respond more quickly and minimize the attack.
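The SSL-versus-TLS point in the reflection above can be checked directly in a web server's configuration. The following Python sketch is an added example, not part of the original paper: it assumes nginx-style `ssl_protocols` directives, and the sample config, the function names and the TLSv1.2/TLSv1.3 fallback are constructed for illustration.

```python
import re

# SSL (not TLS) protocol names; SSL 3.0 is the version POODLE targets.
LEGACY_SSL = {"sslv2", "sslv3"}

# Matches an active ssl_protocols directive; commented-out lines do not match.
DIRECTIVE = re.compile(r"^\s*ssl_protocols\s+([^;#]*);")

# Constructed sample configuration (not taken from any real server).
SAMPLE = """\
server {
    listen 443 ssl;
    ssl_protocols SSLv3 TLSv1.2;
}
server {
    listen 8443 ssl;
    # ssl_protocols SSLv2 SSLv3;
    ssl_protocols TLSv1.2 TLSv1.3;
}
"""


def audit_ssl_protocols(config_text):
    """Return (line_number, enabled, legacy_ssl) for each ssl_protocols directive."""
    findings = []
    for lineno, line in enumerate(config_text.splitlines(), start=1):
        match = DIRECTIVE.match(line)
        if match:
            enabled = match.group(1).split()
            # Compare case-insensitively so odd casing is not missed.
            legacy = [p for p in enabled if p.lower() in LEGACY_SSL]
            findings.append((lineno, enabled, legacy))
    return findings


def strip_legacy(config_text, fallback=("TLSv1.2", "TLSv1.3")):
    """Rewrite each directive without SSL versions; use fallback if none remain."""
    out = []
    for line in config_text.splitlines():
        match = DIRECTIVE.match(line)
        if match:
            kept = [p for p in match.group(1).split() if p.lower() not in LEGACY_SSL]
            line = line[:match.start(1)] + " ".join(kept or fallback) + line[match.end(1):]
        out.append(line)
    return "\n".join(out) + "\n"


if __name__ == "__main__":
    for lineno, enabled, legacy in audit_ssl_protocols(SAMPLE):
        status = "LEGACY SSL: " + ", ".join(legacy) if legacy else "ok"
        print(f"line {lineno}: {' '.join(enabled)} -> {status}")
```
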
References
ManageEngine, communications@manageengine.com. (n.d.). Key Manager Plus. ManageEngine Key Manager Plus. https://www.manageengine.com/key-manager/help/ssl-vulnerability.html#:~:text=3.-,SSL%20End%2DServer%20Vulnerability,the%20following%20end%2Dserver%20vulnerability.
SSL vs TLS - Comparing Communication Protocols - AWS. (n.d.). Amazon Web Services, Inc. https://aws.amazon.com/compare/the-difference-between-ssl-and-tls/#:~:text=However%2C%20SSL%20is%20an%20older,to%20support%20encrypted%20communication%20channels.
Vijayan, J. (2002, July 15). Build a Response Team. Computerworld. https://www.computerworld.com/article/2577130/build-a--response-team.html
What is the CIA Triad and Why is it important? | Fortinet. (n.d.). Fortinet. https://www.fortinet.com/resources/cyberglossary/cia-triad#:~:text=The%20three%20letters%20in%20%22CIA,and%20methods%20for%20creating%20solutions.