Professional Documents
Culture Documents
S11199010 Tut3
S11199010 Tut3
QUESTION 1
Anonymous attackers are those who attack an organization without being known to the organization.
They may be motivated by personal gain, political ideology, or just for the challenge. They may have little
or no knowledge of the organization's systems and procedures, and they may have no access to the
organization's systems. Anonymous attackers can be difficult to detect, as they may not leave any traces
of their activity. However, they can also have a significant impact on the organization, even if they do not
have a lot of knowledge of the organization's systems.
Malicious insiders are those who are authorized to access an organization's systems and who use that
access to attack the organization. They may be motivated by financial gain, revenge, or to damage the
organization. Malicious insiders may have a good understanding of the organization's systems and
procedures, and they may have legitimate access to the organization's systems. Malicious insiders can be
easier to detect than anonymous attackers, as they may make mistakes or leave behind evidence of their
activity. However, they can also have a devastating impact on the organization, as they may have access
to sensitive information or may be able to disrupt operations.
Trusted attackers are those who are authorized to access an organization's systems and who are trusted
by the organization. However, they may abuse that trust to attack the organization. Trusted attackers
may have a deep understanding of the organization's systems and procedures, and they may have
privileged access to the organization's systems. Trusted attackers can be the most difficult to detect, as
they may have legitimate access to the organization's systems and may be able to cover their tracks.
Trusted attackers can have a catastrophic impact on the organization, as they may be able to steal
sensitive information or to disrupt operations without being detected.
QUESTION 2
The concept in the diagram shows how security policies and security mechanisms are used to counter
threats, vulnerabilities, and risks caused by threat agents
QUESTION 3
a. DOS
b. Availability – consumer does not have his data available.
c. Deploying a firewall, using a load balancer, and keeping software up to date.
PRACTICAL LAB