Case Study
jimpop1998
CaseStudyCIAExercise.docxCase Study: CIA Exercise
Part-1: Read this The Guardian article
https://www.theguardian.com/technology/2016/oct/26/ddos-attack-dyn-mirai-botnet
1) Which property or properties of information or systems might have been damaged by the attack described in this media outlet?
|
Property |
Yes/No/Not Sure |
If yes, affected information and system(s) |
|
Confidentiality |
|
|
|
Integrity |
|
|
|
Availability |
|
|
2) Which security best practices would have prevented this incident? Please refer to Chapter-4 of the book and the Internet resources.
Part-2: Read this New York Times article
https://www.nytimes.com/2017/09/14/business/equifax-hack-what-we-know.html?register=google
1) Which property or properties of information or systems might have been damaged by the attack described in this media outlet?
|
Property |
Yes/No/Not Sure |
If yes, affected information and system(s) |
|
Confidentiality |
|
|
|
Integrity |
|
|
|
Availability |
|
|
2) Which vulnerability is exploited by hackers? Please refer to New York Times article for the answer.
3) Based on your answer of question-2, why this easy-to-fix vulnerability might have existed in such a serious enterprise’s server? What might be the root causes of this vulnerability? Please think about human, management, process aspects of information security to answer this question.
4) Which security best practices would have prevented this incident? Provide as many precautions as you can in various levels including technical, documentary, managerial. Please refer to Chapter-4 of the book and the Internet resources.
Part-3: Read this NBC News article
1) Which property or properties of information or systems might have been damaged by the attack described in this media outlet?
|
Property |
Yes/No/Not Sure |
If yes, affected information and system(s) |
|
Confidentiality |
|
|
|
Integrity |
|
|
|
Availability |
|
|
2) Which security best practices would have prevented this incident?
