Operation Security Policies

Anonymous
timer Asked: Feb 3rd, 2019
account_balance_wallet $9.99

Question Description

1.The following scenario is based on an actual attack deconstructed at a seminar I attended earlier this year. The names and locations have been removed to preserve the privacy of the organization in question.

Background:

No-Internal-Controls, LLC is a mid-sized pharmaceutical company in the Midwest of the US employing around 150 employees. It has grown over the past decade by merging with other pharmaceutical companies and purchasing smaller firms.

Recently No-Internal-Controls, LLC suffered a ransomware attack. The company was able to recover from the attack with the assistance of a third party IT Services Company.

Attack Analysis:

After collecting evidence and analyzing the attack, the third party was able to recreate the attack.

No-Internal-Controls, LLC has a number of PCs configured for employee training

These training computers use generic logins such as “training1”, “training2”, etc. with passwords of “training1”, “training2”, etc.

The generic logins were not subject to lock out due to incorrect logins

One of the firms purchased by No-Internal-Controls, LLC allowed Remote Desktop connections from the Internet through the firewall to the internal network for remote employees

Due to high employee turnover and lack of documentation none all of the IT staff were aware of the legacy remote access

The main office has only a single firewall and no DMZ or bastion host exists to mediate incoming remote desktop connections

The internal network utilized a flat architecture

An attacker discovered the access by use of a port scan and used a dictionary attack to gain access to one of the training computers

The attacker ran a script on the compromised machine to elevate his access privileges and gain administrator access

The attacker installed tools on the compromised host to scan the network and identify network shares

The attacker copied ransomware into the network shares for the accounting department allowing it spread through the network and encrypt accounting files

Critical accounting files were backed up and were recovered, but some incidental department and personal files were lost

Instructions:

You have been hired by No-Internal-Controls, LLC in the newly created role of CISO and have been asked to place priority on mitigating further attacks of this type.

Suggest one or more policies that would help mitigate against attacks similar to this attack

Suggest one or more controls to support each policy

Identify each of the controls as physical, administrative, or technical and preventative, detective, or corrective.

Keep in mind that No-Internal-Controls, LLC is a mid-sized company with a small IT staff and limited budget

Do not attempt to write full policies, simply summarize each policy you suggest in one or two sentences.

Clearly indicate how each policy you suggest will help mitigate similar attacks and how each control will support the associated policy

3-5 pages in length.

APA format.. citations, references etc...

Tutor Answer

School: Cornell University

Attached final. Cheers

Running head: OPERATION SECURITY POLICIES

Operation Security Policies
Student’s Name
Institution
Course
Date

1

OPERATION SECURITY POLICIES

2

Operation Security Policies
The case study indicates various loopholes that the company has left open in regard to
cybersecurity. This makes it easy for an attacker to come in and interfere with the system.
Despite the fact that some of the computers are used for training, they allow one to access the
system used by the organization. Therefore, they ought not to be ignored to that extent. In
addition, there are many breaches that are materialized in the organization (Peltier 2016). The
high turnover rate of the employees makes the management assume the possibility of an attack
among them. The high rate of turnover could actually be a major issue in regard to data security.
The firm should, therefore, apply various policies and their respective controls to ensure that the
firm is saved from such problems in the future.
Passwords policy
This is a policy that requires the firm to adopt secure passwords that keep the systems
safe from attackers. The passwords used need to have the qualities of being complex and
therefore not ea...

flag Report DMCA
Review

Anonymous
Tutor went the extra mile to help me with this essay. Citations were a bit shaky but I appreciated how well he handled APA styles and how ok he was to change them even though I didnt specify. Got a B+ which is believable and acceptable.

Similar Questions
Related Tags

Brown University





1271 Tutors

California Institute of Technology




2131 Tutors

Carnegie Mellon University




982 Tutors

Columbia University





1256 Tutors

Dartmouth University





2113 Tutors

Emory University





2279 Tutors

Harvard University





599 Tutors

Massachusetts Institute of Technology



2319 Tutors

New York University





1645 Tutors

Notre Dam University





1911 Tutors

Oklahoma University





2122 Tutors

Pennsylvania State University





932 Tutors

Princeton University





1211 Tutors

Stanford University





983 Tutors

University of California





1282 Tutors

Oxford University





123 Tutors

Yale University





2325 Tutors