
ASSIGNMENT-1 (Information Security)

FILE SUBMITTED TO
GIAN JYOTI INSTITUTE OF MANAGEMENT
&
TECHNOLOGY
PHASE-2, MOHALI
AFFILIATED TO

PUNJAB TECHNICAL UNIVERSITY, JALANDHAR


FOR THE PARTIAL FULFILLMENT FOR QUALIFYING BCA DEGREE

SUBMITTED TO: Prof. Siddhartha Shyam Vyas, Ph.D

SUBMITTED BY: Narender Singh (2011237)

Q1. Discuss 10 most popular virus attacks in modern IT industry.


Q1. Ten popular virus attacks in modern IT industry:

WannaCry: It is a ransomware attack that affected over 200,000 computers in 150 countries in 2017. It
exploited a vulnerability in Windows and encrypted users' files, demanding a ransom in Bitcoin for their
release.

Stuxnet: It was a targeted attack on industrial control systems, primarily in Iran, in 2010. It was designed to
disrupt and destroy nuclear centrifuges by exploiting a vulnerability in Siemens SCADA systems.

NotPetya: It was a variant of the Petya ransomware that spread rapidly across computer networks in 2017,
affecting companies worldwide. It targeted a vulnerability in the Windows Server Message Block (SMB)
protocol.

Mirai: It was a botnet attack that targeted Internet of Things (IoT) devices in 2016. It infected over 600,000
devices and was used for distributed denial of service (DDoS) attacks.

Zeus: It was a Trojan horse malware that targeted Windows machines in 2007. It stole banking credentials
and other personal information.

MyDoom: It was a worm that spread through email attachments in 2004. It created a backdoor on infected
computers and launched DDoS attacks on specific websites.

Conficker: It was a worm that targeted Windows systems in 2008. It spread through network shares and
USB drives, and created a botnet of infected computers.

CryptoLocker: It was a ransomware attack that spread via email attachments in 2013. It encrypted users'
files and demanded a ransom in Bitcoin for their release.

Code Red: It was a worm that targeted Windows servers in 2001. It exploited a vulnerability in the IIS web
server and launched DDoS attacks on certain websites.

Heartbleed: It was a vulnerability in the OpenSSL encryption library that was discovered in 2014. It
allowed attackers to steal sensitive information, such as passwords and encryption keys, from vulnerable
websites.

Q2. Discuss the types of cyberattacks that one must be aware of in modern IT industry. What
are the measures that can be taken to prevent cyber attacks?

Q2. Types of cyberattacks and prevention measures:

Types of cyberattacks that one must be aware of in modern IT industry include:

Phishing attacks: These attacks use social engineering tactics to trick users into revealing sensitive
information or downloading malware. Prevention measures include user education, spam filters, and multi-
factor authentication.

Malware attacks: These attacks use malicious software to infect systems and steal data. Prevention
measures include antivirus software, firewalls, and regular software updates.

Ransomware attacks: These attacks encrypt users' files and demand a ransom for their release. Prevention
measures include data backups, network segmentation, and user education.

DDoS attacks: These attacks flood a network with traffic to overwhelm it and cause downtime. Prevention
measures include network monitoring, traffic filtering, and DDoS protection services.

Insider attacks: These attacks are carried out by employees or contractors with access to sensitive
information. Prevention measures include access controls, monitoring systems, and employee education.

Measures that can be taken to prevent cyber attacks include implementing a comprehensive cybersecurity
strategy, using strong passwords, encrypting data, regularly updating software, and conducting regular
security audits.

Q3. Explain system security threat – ‘Denial of Services’ attack and the protection techniques.

Q3. Denial of Services (DoS) attack and protection techniques:

A DoS attack is a type of cyber attack that aims to overwhelm a system with traffic, making it inaccessible
to legitimate users. Protection techniques include:

Network monitoring: This involves monitoring network traffic for signs of a DoS attack and taking action
to block the traffic.

Traffic filtering: This involves using firewalls and intrusion detection systems to filter out malicious traffic
and allow legitimate traffic to pass.

Load balancing: This involves distributing traffic across multiple servers to

Q4. Go through the case study and answer the following questions given below:

BuildingTrusts Pvt. Ltd. is a small-sized asset management firm. The CIO of the organization – Dr.
Henry Jacobs is really concerned about the growing cyber threat and potential impact that a large-
scale breach could have on its business.
The organization already had several state-of-the-art security systems and hardware solutions
focused on the perimeter of its network. It also conducted annual penetration tests and employed an
external consultancy to perform quarterly information security reviews. However despite all this,
somewhere along the way Henry knew that all this still wasn’t enough; the firm had to improve its
vigilance. New threats were emerging multiple times a day. As a result, there was an urgent
requirement to have some team / someone in place to keep a continuous watch over the systems and
assess the risks all the time, so that malicious activity could be detected on a timely basis and a
quick action could be taken to protect the business. Also, an in-house global security operations
centre (SOC) was an option, but not viable looking at the firm’s size.
At the time, the company was receiving many alerts from its antivirus and perimeter security
products, but it wasn’t easy for the IT team to determine what was important & what wasn’t.

a) What kind of organization is BuildingTrusts Pvt. Ltd.?
b) What are the challenges faced by BuildingTrusts Pvt. Ltd. concerning information security?
c) Looking at the above current scenario, what are the basic parameters that the organization must
take care of or keep in mind as they work on implementing information security measures?
d) What different security solution(s) can you recommend for BuildingTrusts Pvt. Ltd…?

a) BuildingTrusts Pvt. Ltd. is a small-sized asset management firm.

b) BuildingTrusts Pvt. Ltd. is facing the challenge of keeping up with the growing and evolving cyber threats.
The organization has state-of-the-art security systems and hardware solutions in place but still lacks the
necessary vigilance to detect and prevent malicious activities on a timely basis. Additionally, the organization
receives many alerts from its antivirus and perimeter security products, but it is not easy for the IT team to
determine which alerts are important and which ones are not.

c) When implementing information security measures, BuildingTrusts Pvt. Ltd. must keep in mind the
following basic parameters:

Continuous Monitoring: BuildingTrusts Pvt. Ltd. must have a team or someone in place to keep a continuous
watch over the systems and assess the risks all the time so that malicious activity can be detected on a timely
basis and quick action can be taken to protect the business.

Risk Assessment: BuildingTrusts Pvt. Ltd. must conduct a comprehensive risk assessment to identify
potential vulnerabilities and threats and take appropriate measures to mitigate them.

Security Awareness Training: BuildingTrusts Pvt. Ltd. must conduct regular security awareness training for
its employees to ensure that they are aware of the risks and threats associated with cyber attacks and know
how to respond to them.

Incident Response Plan: BuildingTrusts Pvt. Ltd. must have an incident response plan in place to quickly
respond to a security incident and minimize its impact.

d) Based on the challenges faced by BuildingTrusts Pvt. Ltd., the following security solutions can be
recommended:

Security Information and Event Management (SIEM) solution: A SIEM solution can help BuildingTrusts Pvt.
Ltd. detect and respond to security threats by collecting and analyzing security-related data from various
sources.

Endpoint Detection and Response (EDR) solution: An EDR solution can help BuildingTrusts Pvt. Ltd. detect
and respond to threats at the endpoint level.

Security Awareness Training: BuildingTrusts Pvt. Ltd. should provide regular security awareness training to
its employees to ensure that they are aware of the risks and threats associated with cyber attacks and know
how to respond to them.

Incident Response Plan: BuildingTrusts Pvt. Ltd. should have an incident response plan in place to quickly
respond to a security incident and minimize its impact.
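
An added example (not part of the original assignment) of the correlation step a SIEM performs, applied to the case study's problem of telling important alerts from unimportant ones. The sample alerts, host names, asset weights and the scoring rule are all constructed assumptions for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample alerts (not real data) from the two sources in the case study.
ALERTS = [
    {"source": "antivirus", "host": "ws-014", "time": "2024-03-01T09:00:05", "severity": 2, "signature": "PUA.Toolbar"},
    {"source": "antivirus", "host": "fs-01", "time": "2024-03-01T09:02:10", "severity": 4, "signature": "Trojan.Generic"},
    {"source": "perimeter", "host": "fs-01", "time": "2024-03-01T09:04:40", "severity": 3, "signature": "Outbound to blocklisted IP"},
    {"source": "perimeter", "host": "ws-022", "time": "2024-03-01T09:10:00", "severity": 1, "signature": "Inbound port scan (dropped)"},
    {"source": "antivirus", "host": "ws-014", "time": "2024-03-01T09:30:00", "severity": 2, "signature": "PUA.Toolbar"},
]
# Hypothetical asset inventory: a higher weight means a more business-critical host.
ASSET_WEIGHT = {"fs-01": 3, "ws-014": 1, "ws-022": 1}
WINDOW = timedelta(minutes=15)

def triage(alerts, asset_weight, window=WINDOW):
    """Group each host's alerts into time-window incidents and rank them by score."""
    by_host = defaultdict(list)
    for a in alerts:
        by_host[a["host"]].append({**a, "time": datetime.fromisoformat(a["time"])})
    incidents = []
    for host, items in by_host.items():
        items.sort(key=lambda a: a["time"])
        group = [items[0]]
        for a in items[1:]:
            if a["time"] - group[-1]["time"] <= window:
                group.append(a)          # same incident: close in time on one host
            else:
                incidents.append(_score(host, group, asset_weight))
                group = [a]
        incidents.append(_score(host, group, asset_weight))
    return sorted(incidents, key=lambda i: i["score"], reverse=True)

def _score(host, group, asset_weight):
    sources = {a["source"] for a in group}
    # Assumed rule: highest severity times asset weight,
    # doubled when independent sources corroborate each other.
    score = max(a["severity"] for a in group) * asset_weight.get(host, 1)
    if len(sources) > 1:
        score *= 2
    return {"host": host, "score": score, "sources": sorted(sources),
            "signatures": [a["signature"] for a in group]}

if __name__ == "__main__":
    for inc in triage(ALERTS, ASSET_WEIGHT):
        print(inc["score"], inc["host"], inc["sources"], inc["signatures"])
```

Five raw alerts collapse into four incidents, and the file server flagged by both the antivirus and the perimeter product within minutes ranks far above the isolated low-severity alerts.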
