Content - week3

9/14/2019 Originality Report

https://ucumberlands.blackboard.com/webapps/mdb-sa-BB5a31b16bb2c48/originalityReport/ultra?attemptId=37e1cd9d-c67d-4f63-98c9-7bb435a8eb0b&course_id=_110940_1&includeDeleted=true&pri… 1/4

%38

%3

SafeAssign Originality Report Fall 2019 - Operations Security (ISOL-631-05) - First Bi-Term • Week 3 Assignment

%41Total Score: High riskTeja Duvvapu Submission UUID: b11d40b3-fbc7-60ba-980e-7963e0388fb2

Total Number of Reports

1 Highest Match

41 % MitigatingAttack.docx

Average Match

41 % Submitted on

09/14/19 11:44 AM PDT

Average Word Count

734 Highest: MitigatingAttack.docx

%41Attachment 1

Institutional database (3)

Student paper Student paper Student paper

Internet (2)

doczz e-langue

Top sources (3)

Excluded sources (0)

View Originality Report - Old Design

Word Count: 734 MitigatingAttack.docx

1 5 4

2 3

1 Student paper 5 Student paper 4 Student paper

9/14/2019 Originality Report

https://ucumberlands.blackboard.com/webapps/mdb-sa-BB5a31b16bb2c48/originalityReport/ultra?attemptId=37e1cd9d-c67d-4f63-98c9-7bb435a8eb0b&course_id=_110940_1&includeDeleted=true&pri… 2/4

Source Matches (15)

Running Head: Mitigating Attack 2

Mitigating Attack 2

Mitigating Ransomware Attack

Teja Duvvapu University of Cumberland 09/14/2019

Ransomware is referring to malicious software which is intimidating towards blocking access to a machine until there is some amount paid. It can either come in the form of

file encryption in a network or machine or locking the screen of the user. Only the computers infected when ransomware attacks will not be accessed due to encryption of critical files and a ransom note will be displayed the system affected. The management has the primary role in risks management by increasing board in charge of overseeing proper risk management has been developed in the organization. CISO should be prepared towards understanding the queries that the board is making alongside the duty lists to do alongside the time basis. The board should be oversighting the cyber risks management towards ensuring that adequate steps for preventing, detecting as well as correcting risk occurrence are developed (Pope, 2016, p. 37). Access controls are crucial for ensuring integrity, confidentiality, as well as the availability of information. It is a technique used

in preventing or reducing the occurrence of risks within the organization. The primary type of access controls is logical and physical. The physical access control is

restricting accessing the company or organization. The logical access control is limiting access to the data, file systems as well as network connections of an organization. Both are identifying, authorizing as well as authenticating within the organization that is needed for evaluation of login passwords alongside usernames as well as PINs that are crucial for layered defense and protecting systems of access controls (Richardson, & North, 2017, p. 10). Logical Access controls: it is a technical control which is utilized in managing

access to resources as well as protecting objects with permissions or requires a user to change his or her credential with the technical password policy. Access controls can

be categorized into various groups utilized in some mechanisms of security that are labeled with multiple functions. Preventive Access Control: working towards preventing

the occurrence of risks. Having a guard is physical preventive control. This control is considered in physical access control since it is including alarm system, reviewing

access, lighting, audits, duty separations, CCTVs, locking systems, smart cards, antivirus software, training awareness for security as well as security policies (Richardson, & North, 2017, p. 10). Detective Access Control: it is aiming at detecting or finding irregularities or errors within the system. The control is performing performance review

towards comparing information regarding current forecasts, financial as well as prior periods for measuring the extent of achieving objectives as well as goals towards identifying conditions that are unusual or unexpected results. These controls include CCTVs, security guard, audit trails, reviewing and supervising users, a system for detecting intrusion as well as incident investigation and honey pots alongside motion detectors (Pope, 2016, p. 37). Corrective access control: it is for restoring the system to usual operations after

a disaster occurrence. These are inclusive of antivirus, alarms, mantraps, security policies, as well as business continuity planning. A fire extinguisher is categorized under

physical corrective control. Recovery Access Control: it is providing means of recovering from the disaster occurrence as well as being able to get the system back to usual

operation before incidence occurrence. These controls are the site for disaster recovery, data backup systems as well as high availability (Richardson, & North, 2017, p. 10).

Deterrent access control: the control is trying to discourage the attackers from attacking the system, for instance, dogs for security guard, alarms, lights, fences as well as video surveillance. Compensating access control: used for providing alternative methods to countermeasures which are having high implementation cost — for instance, having single authority serving in one, two or more types of functions such as detecting, preventing as well as deterring. In conclusion, small and medium-sized business are mainly prone to scams, frauds, embezzlement by employees, work crimes as well as theft. Thus there is a need for implementing precautions for reducing or preventing dishonesty within the organization as a result of money and valuable deals of the business. Big companies mostly value internal controls, unlike small businesses (Pope, 2016, p. 37).

References

Pope, J. (2016). Ransomware: minimizing the risks. Innovations in clinical neuroscience, 13(11-12), 37. Richardson, R., & North, M. M. (2017). Ransomware: Evolution, mitigation, and prevention. International Management Review, 13(1), 10.

1

2

3 4

2

1

4

1 5

1 1

1

5

1

1

9/14/2019 Originality Report

https://ucumberlands.blackboard.com/webapps/mdb-sa-BB5a31b16bb2c48/originalityReport/ultra?attemptId=37e1cd9d-c67d-4f63-98c9-7bb435a8eb0b&course_id=_110940_1&includeDeleted=true&pri… 3/4

Student paper 71%

doczz 66%

e-langue 63%

Student paper 67%

doczz 66%

Student paper 70%

Student paper 100%

Student paper 88%

Student paper 65%

Student paper 100%

Student paper 62%

Student paper 100%

1

Student paper

Ransomware is referring to malicious software which is intimidating towards blocking access to a machine until there is some amount paid.

Original source

Ransomware is malicious software that intimidates to block the access to a machine until some amount is paid

2

Student paper

Access controls are crucial for ensuring integrity, confidentiality, as well as the availability of information.

Original source

necessary for ensuring confidentiality, availability and integrity of information

3

Student paper

The primary type of access controls is logical and physical.

Original source

physical and logical access

4

Student paper

The physical access control is restricting accessing the company or organization.

Original source

Physical access control limits access to the organization or company

2

Student paper

Logical Access controls:

Original source

Logical access control

1

Student paper

Access controls can be categorized into various groups utilized in some mechanisms of security that are labeled with multiple functions.

Original source

Access controls can be divided into seven categories that are used for some security mechanisms that can be labeled with multiple functions

4

Student paper

Preventive Access Control:

Original source

Preventive access control

1

Student paper

Having a guard is physical preventive control.

Original source

A guard is a physical preventive control

5

Student paper

This control is considered in physical access control since it is including alarm system, reviewing access, lighting, audits, duty separations, CCTVs, locking systems, smart cards, antivirus software, training awareness for security as well as security policies (Richardson, & North, 2017, p.

Original source

This preventative access control will be considered in physical access control as it includes access review, audits, lighting, alarm system, separation of duties, locks, closed circuit television (CCTV), smart cards, callback, security policies, security awareness training, and antivirus software

1

Student paper

Detective Access Control:

Original source

Detective Access Control

1

Student paper

The control is performing performance review towards comparing information regarding current forecasts, financial as well as prior periods for measuring the extent of achieving objectives as well as goals towards identifying conditions that are unusual or unexpected results.

Original source

It mainly performs a review of performance which manages to compare the information about current financial, forecasts, and prior periods to measure the extent to which goals and objectives are achieved to identify unexpected results or unusual conditions

1

Student paper

Corrective access control:

Original source

Corrective Access Control

9/14/2019 Originality Report

https://ucumberlands.blackboard.com/webapps/mdb-sa-BB5a31b16bb2c48/originalityReport/ultra?attemptId=37e1cd9d-c67d-4f63-98c9-7bb435a8eb0b&course_id=_110940_1&includeDeleted=true&pri… 4/4

Student paper 72%

Student paper 100%

Student paper 90%5

Student paper

These are inclusive of antivirus, alarms, mantraps, security policies, as well as business continuity planning. A fire extinguisher is categorized under physical corrective control.

Original source

The examples of these access control are antivirus solutions, alarms, mantraps, business continuity planning, and security policies It is a fire extinguisher is an example of a physical corrective control

1

Student paper

Recovery Access Control:

Original source

Recovery Access Control

1

Student paper

Deterrent access control: the control is trying to discourage the attackers from attacking the system, for instance, dogs for security guard, alarms, lights, fences as well as video surveillance. Compensating access control:

Original source

Deterrent access control It helps in attempting to discourage attackers from attacking the machine some of the examples of Deterrent Access Control are fences, security guard dogs, lights, video surveillance, and alarms Compensating Access Control