Scribd Logo
Upload

Welcome to Scribd!

  • ASSIGNMENT 1docx

    Uploaded by

    Janika Estangki
    4 views2 pages

    Original Title

    ASSIGNMENT_1docx

    Copyright

    © © All Rights Reserved

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    4 views2 pages

    ASSIGNMENT 1docx

    Uploaded by

    Janika Estangki

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 2

    ASSIGNMENT 1

    1. Analyze three(3) specific potential malicious attacks and/or threats that


    could be carried out against the network and organization.
    a. Phishing
    b. Password Attacks
    c. Insider threats
    2. Explain the potential impact of the three (3) selected malicious attacks
    in detail.
    a. Phishing
    - Phishing is a sort of fraud in which an attacker impersonates a
    legitimate entity or person via email or other means of contact.
    Attackers regularly use phishing emails to provide malicious links
    or files. Some will steal login credentials or account information
    from their victims. Cybercriminals prefer misleading phishing
    because persuading someone to click a harmful link in a seemingly
    legitimate phishing email is far easier than breaching a computer’s
    defenses. To detect and prevent phishing, you must first learn about
    it. Social networking tactics are widely used in phishing efforts
    via email or other electronic communication. Two examples of tactics
    are direct communications sent via social media and SMS text
    messaging. Using public sources of information, phishers can learn
    about the victim's personal and professional past. Cybercriminals
    are employing the same tactics used by professional marketers to
    determine the most effective types of messaging. Fake websites are
    set up to deceive people into giving over personal and financial
    information. The goal is to infect the user's device with malware or
    redirect the victim to a bogus website. Many are victims of
    phishing, not only in organizations; anyone can fall victim to it.
    At the height of the pandemic, phishing is rampant.
    b. Data breach
    - A data breach is a security incident in which unauthorized access to
    private or sensitive information (such as student data) occurs. Data
    breaches involving students and educators were among the most common
    cyber events in 2019.
    c. Ransomware
    - Ransomware encrypts data and documents using malicious software
    (also known as malware). Malware can impact a single computer or an
    entire network, including servers. It’s one of the internet’s most
    critical cybersecurity threats right now. Victims have two options
    for regaining access to their data: pay a ransom or start again with
    a new hard drive and restore data from backups. Some cyber-attacks
    are caused by people clicking on what appears to be a harmless email
    attachment, only for it to contain a malicious payload that encrypts
    the victim's computer and hard drives. Ransomware campaigns have
    increasingly targeted the educational sector. Due to the coronavirus
    outbreak, schools and institutions are increasingly dependent on
    remote learning, and cyber hackers took notice. Thousands of people
    use the networks, many of whom use personal devices, and all it
    takes for a malevolent hacker to get access to the network is a
    successful phishing email or the cracking of one account's password.
    3. Propose the security controls you would consider implementing to protect
    against the selected potential malicious attacks.
    - To protects the institution from selected potential malicious
    attacks, there are security controls that could be considered for
    implementation:
    a. To be protected against phishing attacks, consider the following safety
    measures:
    a.1 Include security awareness in the organization’s culture. Personnel
    or employees will be able to detect and be likely to fall for phishers
    if they are made aware of the indications and hazards. They will also
    be able to flag an issue and report in order to take appropriate action
    to manage the incident.

    a.2 Do not provide information to unverified sources. Consult the

    4. Analyze three (3) potential concerns for data loss and data theft that may
    exist in the documented network.

    5. Explicate the potential impact of the three (3) selected data loss and
    data theft concerns.

    6. Propose the security controls you would consider implementing to protect


    against the selected concerns for data loss and data theft.

    7. Use at least three (3) quality resources in this assignment (no more than
    2-3 years old) from material outside the textbook.
    a. Https://Www.Cybsafe.Com/Community/Blog/How-Can-Phishing-Affect-a-
    Business/. Accessed 1 June 2022.
    b. “Cybersecurity in Education: What Teachers, Parents and Students Should
    Know | Berkeley Boot Camps.” Berkeley Boot Camps,
    bootcamp.berkeley.edu, 3 Sept. 2020,
    https://bootcamp.berkeley.edu/blog/cybersecurity-in-education-what-
    teachers-parents-and-students-should-know/.
    c. “What Is Ransomware? Everything You Need to Know about One of the
    Biggest Menaces on the Web | ZDNet.” ZDNet, www.zdnet.com,
    https://www.zdnet.com/article/ransomware-an-executive-guide-to-one-of-
    the-biggest-menaces-on-the-web/. Accessed 1 June 2022.
    d. Https://Ovic.Vic.Gov.Au/Privacy/Phishing-Attacks-and-How-to-Protect-
    against-Them/. Accessed 1 June 2022.

    You might also like