in class activity

.rtf

School

Pennsylvania State University *

*We aren’t endorsed by this school

Course

456

Subject

Information Systems

Date

Dec 6, 2023

Type

rtf

Pages

3

Uploaded by ChiefCat7534

1. How could this incident have been avoided? Regular Patching: Drew left work without completing his checklist. Had he installed the recently released patch, the vulnerability that the malware exploited would not have been present. Regularly scheduled patch updates, especially for known vulnerabilities, are crucial. Employee Training: Employees should be trained to complete all tasks before leaving, regardless of personal emergencies. A system could be in place where another employee checks to ensure all tasks are completed if one must leave in an emergency. Segmentation: The internal network should be segmented so that if one system is compromised, not all systems are accessible. Email Filtering: More aggressive email filtering could prevent suspicious emails from entering the organization's network. 2. Explain Vulnerabilities and how to prevent vulnerabilities. How do you detect vulnerabilities. Vulnerabilities are weaknesses in a system that can be exploited by malicious actors to gain unauthorized access, execute commands, or disrupt services. Prevention: Regular Patching: Always keep software and systems up-to-date. Employee Training: Educate employees about the importance of security hygiene. Use of Security Software: Implement intrusion detection systems, firewalls, and antivirus software. Detection: Use tools like vulnerability scanners to identify weaknesses in a system. Regularly
scheduled security audits and penetration testing can also help in detecting vulnerabilities. 3. What kind of measures should have been in placed on the 10th grader computer? In addition, would some kind of internet training be helpful in this situation? Explain. Parental Controls: Parents can use software solutions to restrict the types of websites their children can access, including potentially dangerous sites that offer warez or hacking tools. Monitoring: Tools that monitor and log the sites visited can be used to keep track of online behavior. Education: Yes, internet training would be beneficial. If the 10th-grader had been educated about the dangers and consequences of cybercrime, she might have thought twice before taking such actions. Schools and parents should educate kids about ethical internet use and the consequences of cyber crimes. 4. What is a zero-day vulnerability? How can they be avoided? A zero-day vulnerability refers to a software security flaw that is unknown to the software vendor and has no patches or solutions available when it becomes public. Because of its unknown nature, such vulnerabilities can be exploited by attackers before vendors have time to address and patch the vulnerability. Avoidance: I think that even if the software can't identify a zero-day exploit directly, it might recognize malicious activity related to the exploit. Another thing is to ensure systems and users only have access to what they need, reducing the potential impact of an exploit. Also check that systems are isolated from each other to prevent the spread of malware exploiting zero-days.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help