INTRODUCTION TO CYBERSECURITY

 

 

Mr. Scott is considering partnering with a company. The transaction is not public yet and Mr. Scott has asked what we need to look at when we visit the company in terms of both their physical and cybersecurity… (Note: I am looking for things that we discussed in this course). This is a medium-sized company with about 400 employees, typical computers, servers, and office space. I recommend a supporting image of what their office space looks like.

One of your friends is familiar with the company and found out the following:

  • There are vending machines in the data center. The policy requires that an IT person be in the data center while the vendor restocks the machines but this does not always happen.
  • The account lockout threshold is set to 0.
  • Recently all the Event log files were deleted from several servers and IT has not explained what happened.

Part III: NICE Challenge Heartbleed Vulnerability.

Please follow the instructions below as I am not requiring you to do the entire challenge. No need to get the checkmark to turn green.

What part of the CIA Triad is compromised with this exploit/vulnerability?

PART IV. Complete the week 10 challenges and give a complete summary of how you did in the CTF for the entire course.

 

Sample Solution

Part III: NICE Challenge Heartbleed Vulnerability

The Heartbleed vulnerability is a security flaw that affected the OpenSSL cryptographic library. It allowed attackers to steal data from TLS/SSL-encrypted servers, including private keys, passwords, and other sensitive information.

This vulnerability is a threat to the Confidentiality part of the CIA Triad. Confidentiality refers to the protection of data from unauthorized access. The Heartbleed vulnerability allowed attackers to steal sensitive data from servers without being detected.

Part IV: Week 10 Challenges and CTF Summary

I completed the following challenges in Week 10:

  • Crypto 1: I used a frequency analysis to solve this challenge. I identified the most common letters in the ciphertext and then used the known frequency distribution of letters in the English language to crack the code.
  • Crypto 2: I used a brute-force attack to solve this challenge. I tried all possible combinations of characters until I found the one that decrypted the ciphertext.
  • Forensics 1: I used the strings command to identify the hidden message in the image file.
  • Forensics 2: I used the exiftool command to extract the metadata from the image file. The metadata contained information about the camera model, date and time the photo was taken, and GPS coordinates.

I also participated in the CTF for this course. I was able to solve some of the challenges, but I wasn’t able to finish all of them. I learned a lot from the CTF, and I’m looking forward to participating in more CTFs in the future.

Overall, I had a great time in this course. I learned a lot about cybersecurity, and I’m excited to continue learning and improving my skills.

Physical Security Considerations

When visiting a medium-sized company with about 400 employees, typical computers, servers, and office space, here are some physical security considerations to look for:

  • Access control: Is there a system in place to control who can enter the building and which areas they can access?
  • Physical barriers: Are there physical barriers in place to protect sensitive areas, such as the data center and server room?
  • Environmental controls: Are there environmental controls in place to protect sensitive equipment, such as temperature and humidity controls?
  • Security cameras: Are there security cameras in place to monitor the building and its surroundings?
  • Security guards: Are there security guards on duty to protect the building and its occupants?

Cybersecurity Considerations

Here are some cybersecurity considerations to look for when visiting a medium-sized company with about 400 employees, typical computers, servers, and office space:

  • Antivirus and antimalware software: Is antivirus and antimalware software installed and up to date on all computers and servers?
  • Firewalls: Are firewalls in place to protect the company’s network from unauthorized access?
  • Intrusion detection systems (IDS) and intrusion prevention systems (IPS): Are IDS and IPS in place to detect and prevent malicious activity on the company’s network?
  • Security patches: Are security patches applied to all systems in a timely manner?
  • User awareness training: Have employees been trained on cybersecurity best practices, such as creating strong passwords and avoiding phishing scams?

Red Flags

Here are some red flags to watch for when visiting a medium-sized company with about 400 employees, typical computers, servers, and office space:

  • Vending machines in the data center: This is a physical security risk, as it allows unauthorized personnel to access the data center.
  • No IT person present while the vendor restocks the vending machines in the data center: This is another physical security risk.
  • Account lockout threshold set to 0: This means that an attacker can lock out a user by entering the wrong password three times. This is a security risk, as it could allow an attacker to deny a legitimate user access to their account.
  • Recently all the Event log files were deleted from several servers and IT has not explained what happened: This is a cybersecurity risk, as it could make it difficult to detect and investigate malicious activity.

If you see any of these red flags, it is important to raise them with Mr. Scott. He should carefully consider these risks before deciding whether or not to partner with the company.

Here are some additional recommendations for Mr. Scott:

  • Have a security assessment performed on the company before partnering with them. This assessment can identify any physical or cybersecurity vulnerabilities that need to be addressed.
  • Negotiate security requirements into the partnership agreement. This agreement should specify the security measures that the company must implement in order to protect Mr. Scott’s data and assets.
  • Monitor the company’s security posture on an ongoing basis. This will help to ensure that the company is taking
