Security Analyst for a toll road authority (TRA)

 

Scenario
You are a Security Analyst for a toll road authority (TRA) in a major city. The TRA is about to undergo its yearly IT audit, and you have been asked to make sure everything goes well and that there are no audit findings.
The TRA has eight toll road plazas with multiple lanes. Three lanes are for vehicles with prepaid toll tags. The other three are for drivers paying in cash. In addition, there are several on ramps and off ramps with toll tag sensors that automatically debit the customer’s account when the vehicle passes through.
All toll plazas and ramps are equipped with cameras that record vehicles passing through them. They also take pictures of each vehicle’s license plate in case the driver does not have a toll tag. The pictures are then examined by advanced imaging software that determines the plate number, identifies the name and address of the driver associated with that vehicle, and sends a bill to that address notifying the driver of the charge, along with instructions on how to pay it (this is a drastic oversimplification of how the toll violations process actually works, but for the purpose of this project it will suffice).
1. Using a graphical program of your choice, create a flowchart or diagram of how the system is architected based on the information given.
a. LucidChart and Draw.io are two free flowcharting options that should suffice.
2. Assume there are firewalls protecting the network perimeter and that only port 443 is being allowed to the web servers. Also assume that the web servers are located in a DMZ, the WebLogic servers are on the internal network, and
3. Create a test plan to assess the following:
● Web site security. There are some concerns about some of the fields not being properly coded.
● WebLogic servers. One of the servers was the victim of a “coinminer attack” last year due to an unpatched vulnerability. This attack impacted the availability of the server by causing the CPU utilization to spike past 70%. There is tremendous concern, therefore, around the effectiveness of the patch management process.

Sample Solution

various strategies used to quantify the limit of momentary memory. These incorporate specification, entire report and alphanumeric range undertakings (taken to have a 4 lump furthest cutoff), and review of visual upgrades, multi-object following and reiteration preparing (all contended to show a maximum constraint of under 4) (Avons, Ward, and Russo, 2001). The accompanying segment frames a concise procedure of transient memory estimation for chose try types, alongside a rundown of results up to this point got.

 

Count

List undertakings include giving a member n objects to count, and estimating the response time for each number. It is contended that the more modest the functioning memory limit, the more extreme the response time slants would be (Tuholski et al., 2001). As should be visible from figure 2 underneath; involving lines as the item to count; the response time is moderately steady until multiple lines are introduced, so, all in all response time increments strongly. This shows that 4 lines is the simple maximum breaking point concerning this specific form of momentary memory. The creators reason that the controlled handling component of counting limits the functioning memory range. This has been depicted as subitizing, in which a couple of things can be promptly and quickly joined in, however more things require a lofty expansion in both response time and by and large time expected to take care of the things (Cowan, 2001).

 

Figure 2. An illustration of results acquired from a list task (adjusted from Tuholski et al., 2001)

 

This ‘elbow’ in the specification bend has been proposed to be brought about by an expansion in memory load, explicitly a less programmed technique for handling, which permits additional time in which engrams inside the transient memory can be overwritten, subsequently diminishing exactness (Green and Bavelier, 2005).

Relationship between parts of data

Relationship between the snippets of data introduced can impact limit. Cowan delineates this utilizing the letter succession fbicbsibmirs which on first look seems to be a useless string that would require memory of 12 separate pieces of data. Nonetheless, on nearer assessment it tends to be seen that there are as a matter of fact 4 separate 3 letter pieces, specifically ‘fbi’, ‘cbs’, ‘ibm’ and ‘irs’. Presently, in the event that these had been irregular letter strings with no related significance there would be little lump, or to be sure probability of piecing the letters. Anyway it is recommended that the notable abbreviations of administrative and industry associations extensively
