Planet of the Grapes, a local wine and spirit merchant currently operates in three stores around Perth. Stores are independent from one another and there is no data sharing between stores, although this is not by design but simply a by-product of faster than expected expansion. The organisation is now moving into the online arena and has contracted your computer consulting company to perform a variety of audits on their computer network. The owners have never employed any IT security staff in the past and have preferred to set up systems for themselves. However, it has become apparent that the risks of moving business systems online are not to be ignored. For this reason you are being asked to make recommendations on a variety of specific systems.
These recommendations should be presented in a format suitable for a general technical audience – i.e. someone who is proficient in IT in general, but may not be a security expert. Furthermore, the report will also be read by upper management who may have less IT skill overall. There are three distinct tasks being requested in this phase of the audit. Each of these should be answered separately.
The site being audited has a total of 10 full time staff and an unspecified number of casual staff. The back-office duties are only undertaken by full time staff, although the staff common areas and offices are not locked or physically separated. Full time staffers handle payroll, HR and scheduling tasks. The front counter/cashier duties are sometimes taken on by full timers but also by casual staff. We have been informed that the turnover of casual staff is quite large, although the reasons for this are unknown. The computer systems in the back office are all networked via a Cisco small business series router supplied by Telstra, ADSL services are also provided by Telstra. To permit the owner(s) to check on files from home, remote access services are enabled on some but not all of the machines. There is no centralized server or authentication mechanism and users logon locally to these machines. The machines are running Windows XP SP2 and all contain two local user accounts “admin” and “user”. These accounts are shared by staff to ensure that files are always accessible to fellow staff.
You will require your student number to download the VM. You should download your own specific VM and not copy from a friend as there are multiple different VMs for different people.
Your first task is to assess the attack surface of this machine. The scope of your analysis is limited to (1) network level attacks and (2) physical attacks. You do not need to logon to the machine and analyse the individual software packages that have been installed; simply identifying any vulnerable services from a network level is sufficient.
Write a short report to the business manager outlining possible weaknesses and vulnerabilities in these systems. The report should start with a 1 page memo that summarises the issues and is understandable by a layperson. The following few pages should describe the technical details.
Your report should include an overview of the potential vulnerable services and of the physical attack points, reference specific CVE items (with brief explanations) and a prioritization of the most important issues. A fully exhaustive list of CVEs is not required (there are too many), but you should at least discuss the most critical dozen or so and these must be relevant to the actual system and services.
For phase two of this audit you gain access to the machine. You may use any of the vulnerabilities you discovered in Question 1 to gain this access.
You must gain a command prompt on the target machine and document the steps you took and evidence that you have obtained this access. This is a trivially simple task, so do not spend too long on this.
As you begin to audit the files, you notice that the hard drive contains some credit card validation software. Your testing shows that this program is vulnerable to a critical and yet common type of software security vulnerability. When you inquire about this software you learn that this cannot be patched as the code is part of a suite of utilities supplied by the financial provider and does not belong to the organisation.
Discuss the type of vulnerability briefly. Discuss the specific vulnerability and show how it theoretically may be exploited. Given that it is not possible to patch or amend the code and that it must remain in use, make several recommendations to reduce the risk this application poses.
While finishing up your analysis for the legacy code you notice a saved Email containing a quote that the administrator has saved about the new web systems being set up for the online store. You notice that the Email mentions that a particular hashing algorithm is to be used for digital signatures but your experience tells you that this isn’t the best approach.
Write a report explaining possible vulnerabilities caused by signing certificates with their chosen hash and how these could be exploited. You should include authoritative references about the weaknesses. You should also provide recommendations on how to mitigate the vulnerabilities for general systems as well as for the specific platform being used.
To export a reference to this article please select a referencing stye below:
My Assignment Help. (2021). Computer Security. Retrieved from https://myassignmenthelp.com/free-samples/ict287-computer-security/attack-surface-modelling.html.
"Computer Security." My Assignment Help, 2021, https://myassignmenthelp.com/free-samples/ict287-computer-security/attack-surface-modelling.html.
My Assignment Help (2021) Computer Security [Online]. Available from: https://myassignmenthelp.com/free-samples/ict287-computer-security/attack-surface-modelling.html
[Accessed 27 October 2021].
My Assignment Help. 'Computer Security' (My Assignment Help, 2021) <https://myassignmenthelp.com/free-samples/ict287-computer-security/attack-surface-modelling.html> accessed 27 October 2021.
My Assignment Help. Computer Security [Internet]. My Assignment Help. 2021 [cited 27 October 2021]. Available from: https://myassignmenthelp.com/free-samples/ict287-computer-security/attack-surface-modelling.html.
With time, MyAssignmenthelp.com has become one of the best college essay writing services. Our all rounded services give students the confidence to overcome assignment related issues. Our services are fast enough to meet most urgent deadlines. We are capable of delivering fast essay writing services with the help of our specially designed provisions and writers' teams. Our urgent essay help services guarantee most rapid delivery of assignment solutions. Some of our most popular essay services are application essay help, exploratory essay help, literary review essay help and argumentative essay help.
Answer: Introduction Ransom ware virus had recently started a worldwide chaotic outbreak in May of 2017. The warehouse drawbacks and the recommendation for the threats and the ransom ware attacks on how to combat them have compiled in this report for the CFO of Motherboards and More Pty Ltd also discussing about the revenue cycle that is being followed. Overview of the revenue cycle The organization, Motherboards, and More Pty Ltd is ...Read More
Answer: Risk Assessment Methodology It is crucial for a leading company in the Information Technology industry to identify and devise the strategies for categorizing and mitigating the risks in order to maintain its position in the global market (Altuhhov, Matulevi?ius & Ahmed, 2013). Various frameworks are needed to be laid out for the minimization of the risks faced by Apple. The methodology for the assessment of risk faced by App...Read More
Answer: Introduction Aztek has decided to shift to the cloud and they are hoping to shift to the IT can be a blessing for them, the IT services can offer the facilities that can help them to enrich their business activities, the IT services can help them to outsource their services to third-party company and can be largely benefitted, however, they should be mindful of all the risks associated with the IT services (Lam, 2014). The report wil...Read More
Answer: Short overview of paper The third party cloud computing is the most promising outsourcing as applied to computation services such as Microsoft’s Azure and Amazon’s EC2 which allows users to install the virtual machines. However, there is several vulnerability of third party cloud computing which has been elaborated in this given research paper. Third party cloud computing- It has also been gaining momentum througho...Read More
Answer: Introduction The illegal activity that involves a computer and network is termed as cyber crime. Moreover, the protection approaches taken for avoiding threats, disruption, misdirection and theft from computer system referred to cyber security. Amin et al. (2013) stated that controlling physical access where hardware of the computer system can be accessed for protection against harm is a common method for implementing cyber se...Read More
Get top notch assistance from our best tutors !
Excel in your academics & career in one easy click!