Campbellsville How DHS Should Handle Attacks Discussion

Question Description

I’m studying and need help with a Computer Science question to help me learn.

Chapter 1 provided a high-level overview of the need for a national framework for protecting critical infrastructure. For some additional reading, take a look at the latest Presidential Order that relates to strengthening cybersecurity that relates to critical infrastructure:

https://www.whitehouse.gov/presidential-actions/presidential-executive-order-strengthening-cybersecurity-federal-networks-critical-infrastructure/

After reading chapter 1 and looking at the link above, you're ready to participate in the first discussion.

Let’s look at a real-world scenario and how the Department of Homeland Security (DHS) plays into it. In the scenario, the United States will be hit by a large-scale, coordinated cyber attack organized by China. These attacks debilitate the functioning of government agencies, parts of the critical infrastructure, and commercial ventures. The IT infrastructure of several agencies is paralyzed, the electric grid in most of the country is shut down, telephone traffic is seriously limited and satellite communications are down (limiting the Department of Defense’s [DOD’s] ability to communicate with commands overseas). International commerce and financial institutions are also severely hit. Please explain how DHS should handle this situation.

You must do the following:

1) Create a new thread with 2 pages. As indicated above, please explain how DHS should handle the situation described in the preceding paragraph.

2) Select AT LEAST 2 other students' threads and post substantive comments on those threads. Your comments should extend the conversation started with the thread.

ALL original posts and comments must be substantive. (I'm looking for about a paragraph - not just "I agree.")

Writing must be your own. Plagiarism will be checked!

Unformatted Attachment Preview

Cyber Attacks Protecting National Infrastructure, 1st ed.
Chapter 1 – Introduction
Copyright © 2012, Elsevier Inc. All Rights Reserved

Introduction
• National infrastructure
  – Refers to the complex, underlying delivery and support systems for all large-scale services considered absolutely essential to a nation
• Conventional approach to cyber security not enough
• New approach needed
  – Combining best elements of existing security techniques with challenges that face complex, large-scale national services

Fig. 1.1 – National infrastructure cyber and physical attacks
Fig. 1.2 – Differences between small- and large-scale cyber security

National Cyber Threats, Vulnerabilities, and Attacks
• Three types of malicious adversaries
  – External adversary
  – Internal adversary
  – Supplier adversary
• Three exploitation points
  – Remote access
  – System administration and normal usage
  – Supply chain
• Infrastructure threatened by most common security concerns:
  – Confidentiality
  – Integrity
  – Availability
  – Theft

Fig. 1.3 – Adversaries and exploitation points in national infrastructure

Botnet Threat
• What is a botnet attack?
  – The remote collection of compromised end-user machines (usually broadband-connected PCs) is used to attack a target.
  – Sources of attack are scattered and difficult to identify
• Five entities that comprise botnet attack:
  – Botnet operator
  – Botnet controller
  – Collection of bots
  – Botnet software drop
  – Botnet target
• Distributed denial of service (DDOS) attack: bots create “cyber traffic jam”

Fig. 1.4 – Sample DDOS attack from a botnet

National Cyber Security Methodology Components
• Ten basic design and operation principles:
  – Deception
  – Separation
  – Diversity
  – Commonality
  – Depth
  – Discretion
  – Collection
  – Correlation
  – Awareness
  – Response

Deception
• Deliberately introducing misleading functionality or misinformation for the purpose of tricking an adversary
  – Computer scientists call this functionality a honey pot
• Deception enables forensic analysis of intruder activity
• The acknowledged use of deception may be a deterrent to intruders (every vulnerability may actually be a trap)

Fig. 1.5 – Components of an interface with deception

Separation
• Separation involves enforced access policy restrictions on users and resources in a computing environment
• Most companies use enterprise firewalls, which are complemented by the following:
  – Authentication and identity management
  – Logical access controls
  – LAN controls
  – Firewalls

Fig. 1.6 – Firewall enhancements for national infrastructure

Diversity
• Diversity is the principle of using technology and systems that are intentionally different in substantive ways.
• Diversity hard to implement
  – A single software vendor tends to dominate the PC operating system business landscape
  – Diversity conflicts with organizational goals of simplifying supplier and vendor relationships

Fig. 1.7 – Introducing diversity to national infrastructure

Commonality
• Consistency involves uniform attention to security best practices across national infrastructure components
• Greatest challenge involves auditing
• A national standard is needed

Depth
• Depth involves using multiple security layers to protect national infrastructure assets
• Defense layers are maximized by using a combination of functional and procedural controls

Fig. 1.8 – National infrastructure security through defense in depth

Discretion
• Discretion involves individuals and groups making good decisions to obscure sensitive information about national infrastructure
• This is not the same as “security through obscurity”

Collection
• Collection involves automated gathering of system-related information about national infrastructure to enable security analysis
• Data is processed by a security information management system.
• Operational challenges
  – What type of information should be collected?
  – How much information should be collected?

Fig. 1.9 – Collecting national infrastructure-related security information

Correlation
• Correlation involves a specific type of analysis that can be performed on factors related to national infrastructure protection
  – This type of comparison-oriented analysis is indispensable
• Past initiatives included real-time correlation of data at fusion center
  – Difficult to implement

Fig. 1.10 – National infrastructure high-level correlation approach

Awareness
• Awareness involves an organization understanding the differences between observed and normal status in national infrastructure
• Most agree on the need for awareness, but how can awareness be achieved?

Fig. 1.11 – Real-time situation awareness process flow

Response
• Response involves the assurance that processes are in place to react to any security-related indicator
  – Indicators should flow from the awareness layer
• Current practice in smaller corporate environments of reducing “false positives” by waiting to confirm disaster is not acceptable for national infrastructure

Fig. 1.12 – National infrastructure security response approach

Implementing the Principles Nationally
• Commissions and groups
• Information sharing
• International cooperation
• Technical and operational costs
...

Final Answer

Hey, please look at what I've done and tell me if you like it.

Running Head: DEPARTMENT OF HOMELAND SECURITY

Department of Homeland Security
Name
Institution

Department of Homeland Security.
How DHS should handle the situation described in the preceding paragraph.
It is important to note that the attack has already happened and there is nothing we can do about it. So, the first appropriate thing the government should do is to maintain calmness and this they will do by notifying the public about what is happening.
After that, they should have an emergency meeting that will be attended by all the heads of the principal agencies of the government and the ones that have been affected such as the heads of the commercial infrastru...

jerryt (3645)
Carnegie Mellon University
