information security
rajivnaiduIn your role as a highly paid consultant, you are given a list of potential threats to and vulnerabilities of the current communication security protocols of an organization. You are asked to provide quantitative data to measure the likelihood that any of these threats will actually occur for the information assets of the client. Conduct research and describe resources you found that might provide insight into measuring the likelihood that some of the threats would actually occur. In the explanation, include whether you see a trend in resources that might indicate a specific industry is particularly involved in gathering this kind of data. Additionally, evaluate which communication security protocols are more effective and provide an explanation.
Requires( 2 pages with 3 intext citations and references)
List of Possible Threats/Vulnerabilities
- Spoofingis attempting to gain access to a system by using a false identity. This can be accomplished using stolen user credentials or a false IP address. After the attacker successfully gains access as a legitimate user or host, elevation of privileges or abuse using authorization can begin.
- Tamperingis the unauthorized modification of data, for example, as it flows over a network between two computers.
- Repudiationis the ability of users (legitimate or otherwise) to deny that they performed specific actions or transactions. Without adequate auditing, repudiation attacks are difficult to prove.
- Information disclosureis the unwanted exposure of private data. For example, a user views the contents of a table or file he or she is not authorized to open, or monitors data passed in plaintext over a network. Some examples of information disclosure vulnerabilities include the use of hidden form fields, comments embedded in webpages that contain database connection strings and connection details, and weak exception handling that can lead to internal system-level details being revealed to the client. Any of this information can be very useful to the attacker.
- Denial of serviceis the process of making a system or application unavailable. For example, a denial of service attack might be accomplished by bombarding a server with requests to consume all available system resources or by passing it malformed input data that can crash an application process.
Elevation of privilegeoccurs when a user with limited privileges assumes the identity of a privileged user to gain privileged access to an application. For example, an attacker with limited privileges might elevate his or her privilege level to compromise and take control of a highly privileged and trusted process or account
Rubrics for the Assignment : Attached to the document please redo it immediately and i want in 10 hours
[removed]
This assignment needs some work. You needed to take each of the threats and do analysis on each one. This analysis would include quantitative data as well as the likelihood. You have no numbers in your paper to work from. Also, I couldn't find a section regarding recent trends or secure communication protocols within your assignment.
11 years ago
20
Purchase the answer to view it
chk_it.docx
Purchase the answer to view it
- IT549ScenarioPotentialThreats.docx
- I need help with Physics Principles and Problems GC, Exam Unit 7,8,9
- BUS 437 Week 1 DQ 2 ( Using Outside Help to Write the Plan ) - Tutorial Contains Two Answers For This Discussion - A Graded
- BCOM 230 Week 4 Individual Assignment Basis of Power
- 21 Synectics steps
- Conflict Management Strategy
- PROJ 586 Project Management Systems Project,Quiz,Final Exam
- Hi, I need help with these questions please. I'm supposed to round only the final answer to the nearest hundredth. Could you also provide the step by step in solving these questions so I can understand better? Thanks in advance. 1. Your firm issued 15-yea
- Reviewing and Testing the Code
- GEOL 101 assignment
- Suppose that the unemployment rate is 5%
