Protecting Computer Systems: Critical Evaluation of computer security elements, latest cyber securit

Task 1: Security Elements

A utility company’s website is attacked by a botnet, a program built specifically to replicate malicious software on the Web. It was spreading rapidly online by injecting itself into vulnerable websites and then waiting for unsuspecting users to click on the site. When they did, the code copied itself on their computers. In a few months, 360,000 sites had been infected. The botnet was diabolically engineered to sniff out the Achilles heel in SQL. The botnet co-opted an application on the company Website and injected itself directly into a company database.

The fear was that in the process, it could get past the utility’s larger security perimeter and have its way with the company’s software portfolio of applications, database tools and other code. It also had the potential to install itself on the computers of anyone who visited the utility’s website. The attack was a legitimate risk to the utility company. The initial investigation reports that cyber-attack was initiated due to un-necessary admin privileges granted to an employee on a local area computer, this lead to unintentional escalation of privileges which compromised the security of server machine on the same premises.

Your task is to provide a report providing critical evaluation of computer security elements necessary to address the confidentiality, integrity and availability of computer security, latest cyber security challenges and its countermeasures, recommendation of framework for a given problem and provide understanding of user access control management to strengthen computer security in the context of given scenario.

-Critically appraise 5 elements of computer security which could be potential risk for information as well as computer systems.  Discuss example of each and provide countermeasures in the context of Cyber Security to prevent these elements from any compromise for a given scenario. ( 1000 words)

-Maintaining computer security involves implementing suitable preventative measures, detecting potential vulnerabilities, detecting possible threats, detecting compromised systems and handling incidents against cyber threats. However implementation of appropriate controls require in depth understanding of the business operations and the computers facilitating organisations objectives. Provide critical understanding of key Computer Security issues in given scenario using Threat Intelligence Concept. (700 words)

-Provide critical appraisal of most common cyber security frameworks available to protect computers against insider and outer Threat Actors. Also provide rationale of the choice considered for a given context. (800 words)

-Every organisation need to have robust processes in place to strengthen the security of their computer systems by implementing user control access management for its users. If users are provided with unnecessary system privileges or data access rights, then the impact of misuse or compromise of that users account will be more severe than it need be. The concept of least privileges is a fundamental computer security principle to safeguard computers against any escalation of privileges.

Your task is to explore different objects available in Active directory for User Account Management. Implement identity and access management controls to improve the computer security. Walk through snippets with some commentary should be required to demonstrate understanding of Active Directory (AD) installation steps, understanding of AD default Groups and Users, Securing Administrative Accounts, Investigating Group Policy and Configuring Users & Groups with explanation of how it can be an effective solution to a given problem to avoid any future security breach. (700 words)

-Critically explain the code of conduct required for an IT professional relating to social, ethical and legal considerations in computer security domain.