Principles of Information Security (MindTap Course List)
6th Edition
ISBN: 9781337102063
Author: Michael E. Whitman, Herbert J. Mattord
Publisher: Cengage Learning
expand_more
expand_more
format_list_bulleted
Expert Solution & Answer
Chapter 7, Problem 1CEDQ
Explanation of Solution
Trial made to hack the network:
“Yes”, from the case discussed it is clear that Miller is left with no option to pursue the vendetta.
Reason:
- Miller is required to attach tools such as fully explained network diagram of the SLS company with all the required files along with the access code that are required in attacking the network.
- The attack is made to the network using client VPN (Virtual Private Network) and was identified that front door was closed.
- Since, it is found closed doors at the front, the connection was tried to establish using a dial-up connection and it was again redirected to same authentication server that is used by the Virtual Private Network which made first attempt failure...
Expert Solution & Answer
Trending nowThis is a popular solution!
Students have asked these similar questions
Do you think Sony's attack response was sufficient? Why do you think that?
Discussion Questions
Do you think Miller is out of options as he pursues his vendetta? If you think he could take additional actions in his effort to damage the SLS network, what are they?
Suppose a system administrator at SLS read the details of this case. What steps should he or she take to improve the company's information security program?
Consider Miller's hacking attempt in light of the intrusion kill chain described earlier and shown in Figure 7-1. At which phase in the kill chain has SLS countered his vendetta?
Ethical Decision Making
It seems obvious that Miller is breaking at least a few laws in his attempt at revenge. Suppose that when his scanning efforts had been detected, SLS not only added his IP address to the list of sites banned from connecting to the SLS network, the system also triggered a response to seek out his computer and delete key files on it to disable his operating system.
Would such action by SLS be ethical? Do you think action would be legal?
Suppose…
Is it possible for Eve's opponent to introduce system instability through a transparent Man-in-the-Middle attack? In this situation, how would you clarify it?
Chapter 7 Solutions
Principles of Information Security (MindTap Course List)
Ch. 7 - Prob. 1RQCh. 7 - Prob. 2RQCh. 7 - Prob. 3RQCh. 7 - Prob. 4RQCh. 7 - Prob. 5RQCh. 7 - Prob. 6RQCh. 7 - Prob. 7RQCh. 7 - Prob. 8RQCh. 7 - Prob. 9RQCh. 7 - Prob. 10RQ
Ch. 7 - Prob. 11RQCh. 7 - Prob. 12RQCh. 7 - Prob. 13RQCh. 7 - Prob. 14RQCh. 7 - Prob. 15RQCh. 7 - Prob. 16RQCh. 7 - Prob. 17RQCh. 7 - Prob. 18RQCh. 7 - Prob. 19RQCh. 7 - Prob. 20RQCh. 7 - Prob. 1ECh. 7 - Prob. 2ECh. 7 - Prob. 4ECh. 7 - Prob. 5ECh. 7 - Prob. 1CEDQCh. 7 - Prob. 2CEDQCh. 7 - Prob. 3CEDQ
Knowledge Booster
Similar questions
- Deepen our understanding of the CNSS's security model by discussing it here. Check out the material composition of the thing.arrow_forwardMake a compelling case in your own words for and against the benefits and drawbacks of a division of duties in an organization's information security strategy, based on your own professional experience?arrow_forwardWhat distinguishes a passive security compromise from an aggressive one? This is the reason why offensive assaults are more hazardous than defensive ones. To substantiate your arguments, please provide concrete examples.arrow_forward
- After reading the case presented in the module, write a short response to the following discussion questions and ethical decision making scenario. Discussion Questions Before the discussion at the start of this chapter, how do Fred, Gladys, and Charlie each perceive the scope and scale of the new information security effort? Did Fred’s perception change after that? How should Fred measure success when he evaluates Gladys’ performance for this project? How should he evaluate Charlie’s performance? Which of the threats discussed in this chapter should receive Charlie’s attention early in his planning process?arrow_forwardConsider the first step of the common attack methodology we describe, which is to gather publicly available information on possible targets. What types of information could be used? What does this use suggest to you about the content and detail of such information? How does this correlate with the organization’s business and legal requirements? How do you reconcile these conflicting demands?arrow_forwardHow would you go about convincing several parties of the need for a solid security culture? How can you make it meaningful and genuine for those who aren't experts in the field?arrow_forward
- Imagine if Jim was going to be infected by a virus that was going to be attached to an email and sent to him. Can you talk about this attack in terms of vulnerabilities, threats, and the agents of those threats?arrow_forwardShould we go into great into explaining the many ideas and principles of security management?arrow_forwardHow can the CIA triad of security be applied to an organizationand not just a single system? Give examples to support yourposition.arrow_forward
- Outline a few options for seizing control of the meeting. To what extent can you defend yourself from this sort of attack?arrow_forwardWhat's the difference between taking a top-down strategy to information security and a bottom-up one?Because it is more effective to implement a method that works from the top down?arrow_forwardIt's possible that we don't need to go into great detail about different security management concepts and the underlying principles.arrow_forward
arrow_back_ios
SEE MORE QUESTIONS
arrow_forward_ios
Recommended textbooks for you
- Principles of Information Security (MindTap Cours...Computer ScienceISBN:9781337102063Author:Michael E. Whitman, Herbert J. MattordPublisher:Cengage LearningManagement Of Information SecurityComputer ScienceISBN:9781337405713Author:WHITMAN, Michael.Publisher:Cengage Learning,
Principles of Information Security (MindTap Cours...
Computer Science
ISBN:9781337102063
Author:Michael E. Whitman, Herbert J. Mattord
Publisher:Cengage Learning
Management Of Information Security
Computer Science
ISBN:9781337405713
Author:WHITMAN, Michael.
Publisher:Cengage Learning,