Free Samples
CPPSEC2101 Apply Effective Communication Skills To Maintain Security
.cms-body-content table{width:100%!important;} #subhidecontent{ position: relative;
overflow-x: auto;
width: 100%;}
CPPSEC2101 Apply Effective Communication Skills To Maintain Security
0 Download6 Pages / 1,303 Words
Course Code: CPPSEC2101
University: Victoria University
MyAssignmentHelp.com is not sponsored or endorsed by this college or university
Country: Australia
Questions:
Skada system(oil and gas),
Analyse and discuss security strategy and the mistake the company did.
As a cyber security officer, you want to present a business to CEO of an organisation, what terminology would you use? For example White hat, Black hat module.
Social Engineering
How are harsh passwords been stored for example how Microsoft stores passwords on windows
What can you say about a friend who is sharing a vulnerability report with you (Ethical aspect)
Session hijacking and IP spoofing
Firewalls Limitations
Dot net, Linus kernel vulnerabilities and counter measures (build a story about it)
Process and flow of incident response (Engineering response)
Answers:
Analysis and discussion of security strategy and the mistake SCADA system made
Supervisory Control and Data Acquisition or SCADA Systems in Oil and Natural gases have so far been considered as one of the strongest hardware and software systems that help organizations in the Oil and Natural Gases industry to keep up with their day to day operations (Baudoin 2016). However, in recent times, it has been found in reports that the SCADA system is not that secured when it comes to the reporting of these organizations.
Security mistake that SCADA committed: The reports have revealed that there has been much vulnerability based on this system where several attacks were made on the SCADA systems and eventually to the organizations utilizing them. The SCADA Systems for Oil and Natural gases have been designed to take account of the Gas and Oil reporting for the different organizations but reports have suggested that in spite of this, there have been several attacks on the security systems in the industry due to the SCADA Systems and has been increasing at an exponential rate every year (Knapp and Langill 2014). The reports have also made it clear that these attacks were increasing in number with each passing year, especially in countries like the United Kingdom, Finland and some parts of the United States (Kashubsky 2015).
The probable reason that the findings have put forward is that these countries have been using internet much more than the rest of the world. SCADA, as an infrastructure provider for these organizations in Oil and Gas industry based on the Industrial Control System or ICS have been developed decades ago. At that point of time, cyber security was not considered to be a huge issue in the industry, therefore, the security systems were obviously vulnerable to the outside connectivity that were exposed to the internet. It was due to this adversary that the organizations and their oil and gas reporting information were vulnerable to the malicious attackers in the industry.
Presenting a business module to the CEO of an organisation
As the Cyber security officer, it needs to be suggested that the business module should follow the White-hat hacking module to stay steer clear of any security vulnerabilities that might jeopardize the system. A brief detail about the White Hat hacking module would be provided for the CEO as below:
White Hat hacking module: It has been noticed that normally business systems do not possess integrated security systems in them, and this is why it is required that the robust cyber security controls be able to separate the internet and corporate network. Even if the systems be connected to the network, it should be made sure that these be protected with strong firewall systems. Again, the systems should possess an intrusion detection system like the White Hat hacking module, which helps in the detection of any unauthorized intrusion and reports any security vulnerabilities in the hardware, software or networks.
Social Engineering
1.
Microsoft has the passwords stored in a secured way within the hash files in the directory c:WindowsSystem32Config directory. To access the stored passwords, it is required that the user has access to the SAM and System files. Microsoft always has a backup of these files stored within the Windows repair folders at the location c:WindowsRepair (Boonkrong and Somboonpattanakit 2016). SAM usually consists of the hashed passwords, although they are kept as encrypted files using a boot key within the system files.
2.
The Codes of Ethics and Business Information sharing has a legal law for the propagation of any kind of information called the ‘Confidential Information Obligations’. This law states that the sharing of any kind of information, like vulnerability reports are an obligation if the person with whom the vulnerability report is being shared with has an authorized access over the reports.
Speaking of the ethical aspects of the entire situation, it is not considered to be morally correct if the action of sharing vulnerability report is with an unauthorized person who does not have permission to view the vulnerability report.
3.
Similarities
Session Hijacking
IP Spoofing
Session hijacking is often confused with IP spoofing. IP Spoofing is utilized for various types of attacks that also include session hijacking. Session hijacking is the process of hacking into a system without the requirement of passwords with just hacking the sessions by the users.
In the similar way it can be said that both Session Hijacking and IP Spoofing are almost the same, which can be put as the following statement:
All Session Hijacking are IP Spoofing techniques but all IP Spoofing attacks are not Session Hijacking.
Dissimilarities
Session Hijacking
IP Spoofing
Session hijacking mostly occurs at the TCP level when a hacker tries to get their hands on the TCP session between two machines.
IP spoofing is generally the way by which IP addresses are forged within an IP packet (Manivannan and Sathiyamoorthy 2017).
4. Firewalls Limitations
Although Firewall is expected to secure the network in a system, but they also have limitations, which would be listed as follows:
Firewall is not capable of preventing a user or an attacker with modems from dialing in to or out of the internal network, thus bypassing the firewall and its protection completely (Vichare 2017).
Firewalls fail to enforce misuse of passwords.
Firewalls cannot ensure protection against nontechnical security risks like that of the means of social engineering.
5.
The security firm of Qualys had discovered the first vulnerability to be as CVE-2018-14634. This flaw is located in create_elf_tables() function in a Linux kernel and has a potential to be exploited on 64-bit systems with the help of local users. This is heightened with having access to the SUID binaries (Xu et al. 2015).
CVE-2018-17182 has been tracked as the second vulnerability. It has been a flaw where the vulnerability has a potential to be exploited on kernels without a configuration of heightened security systems. The vulnerability has the potential to achieve an arbitrary code execution after exploitation as root. This affects all kernel versions since 3.16.
6. Process and flow of incident response (Engineering response)
Incident response is specifically a business process that mostly aims at investigating, identifying and responding to the specific potential security incidences in a business process that minimizes the chances of the incident in having a strong impact within the organization (Webb et al. 2017).
The flow of incident response should be as follows:
Developing a list for the top tier applications, databases, users and networks and other assets on the basis of the impact of these affecting the business organization.
Quantifying accurate asset values.
Capturing of traffic patterns and baselines.
References
Baudoin, C.R., 2016, September. Deploying the Industrial Internet in Oil & Gas: Challenges and Opportunities. In SPE Intelligent Energy International Conference and Exhibition. Society of Petroleum Engineers.
Boonkrong, S. and Somboonpattanakit, C., 2016. Dynamic salt generation and placement for secure password storing. International Journal of Computer Science, 43(1).
Kashubsky, M., 2015. Offshore Oil and Gas Installations Security: An International Perspective. Informa Law from Routledge.
Knapp, E.D. and Langill, J.T., 2014. Industrial Network Security: Securing critical infrastructure networks for smart grid, SCADA, and other Industrial Control Systems. Syngress.
Manivannan, S.S. and Sathiyamoorthy, E., 2017. A Prevention Model for Web Application Session Hijack Attacks in Wireless Networks Using MAC Appended Session ID.
Vichare, S.S., 2017. Comparative Study on Firewall and Intrusion Detection System. International Journal of Engineering Science, 13716.
Webb, J., Ahmad, A., Maynard, S., Baskerville, R. and Shanks, G., 2017. Organizational Security Learning from Incident Response.
Xu, W., Li, J., Shu, J., Yang, W., Xie, T., Zhang, Y. and Gu, D., 2015, October. From collision to exploitation: Unleashing use-after-free vulnerabilities in linux kernel. In Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security (pp. 414-425). ACM.
Free Membership to World’s Largest Sample Bank
To View this & another 50000+ free samples. Please put
your valid email id.
Yes, alert me for offers and important updates
Submit
Download Sample Now
Earn back the money you have spent on the downloaded sample by uploading a unique assignment/study material/research material you have. After we assess the authenticity of the uploaded content, you will get 100% money back in your wallet within 7 days.
UploadUnique Document
DocumentUnder Evaluation
Get Moneyinto Your Wallet
Total 6 pages
PAY 4 USD TO DOWNLOAD
*The content must not be available online or in our existing Database to qualify as
unique.
Cite This Work
To export a reference to this article please select a referencing stye below:
APA
MLA
Harvard
OSCOLA
Vancouver
My Assignment Help. (2021). Apply Effective Communication Skills To Maintain Security. Retrieved from https://myassignmenthelp.com/free-samples/cppsec2101-apply-effective-communication-skills-to-maintain-security/scada-systems-in-oil-and-natural-gases.html.
“Apply Effective Communication Skills To Maintain Security.” My Assignment Help, 2021, https://myassignmenthelp.com/free-samples/cppsec2101-apply-effective-communication-skills-to-maintain-security/scada-systems-in-oil-and-natural-gases.html.
My Assignment Help (2021) Apply Effective Communication Skills To Maintain Security [Online]. Available from: https://myassignmenthelp.com/free-samples/cppsec2101-apply-effective-communication-skills-to-maintain-security/scada-systems-in-oil-and-natural-gases.html[Accessed 18 December 2021].
My Assignment Help. ‘Apply Effective Communication Skills To Maintain Security’ (My Assignment Help, 2021)
My Assignment Help. Apply Effective Communication Skills To Maintain Security [Internet]. My Assignment Help. 2021 [cited 18 December 2021]. Available from: https://myassignmenthelp.com/free-samples/cppsec2101-apply-effective-communication-skills-to-maintain-security/scada-systems-in-oil-and-natural-gases.html.
×
.close{position: absolute;right: 5px;z-index: 999;opacity: 1;color: #ff8b00;}
×
Thank you for your interest
The respective sample has been mail to your register email id
×
CONGRATS!
$20 Credited
successfully in your wallet.
* $5 to be used on order value more than $50. Valid for
only 1
month.
Account created successfully!
We have sent login details on your registered email.
User:
Password:
If you are searching for marketing assignment help for a complex topic, we can help you with the best solutions. You can hire our team of professional writers who can write a solution for you that is informative and impressive. With our experts by your side, you will be able to present an assignment that has unique details regarding the topic. Call us to know more about our writing service.
Latest Management Samples
div#loaddata .card img {max-width: 100%;
}
MPM755 Building Success In Commerce
Download :
0 | Pages :
9
Course Code: MPM755
University: Deakin University
MyAssignmentHelp.com is not sponsored or endorsed by this college or university
Country: Australia
Answers:
Introduction
The process of developing a successful business entity requires a multidimensional analysis of several factors that relate to the internal and external environment in commerce. The areas covered in this current unit are essential in transforming the business perspective regarding the key commerce factors such as ethics, technology, culture, entrepreneurship, leadership, culture, and globalization (Nzelibe, 1996; Barza, 2…
Read
More
SNM660 Evidence Based Practice
Download :
0 | Pages :
8
Course Code: SNM660
University: The University Of Sheffield
MyAssignmentHelp.com is not sponsored or endorsed by this college or university
Country: United Kingdom
Answers:
Critical reflection on the objective, design, methodology and outcome of the research undertaken Assessment-I
Smoking and tobacco addiction is one of the few among the most basic general restorative issues, particularly to developed nations such as the UK. It has been represented that among all risk segments smoking is the fourth driving purpose behind infections and other several ailments like asthma, breathing and problems in the l…
Read
More
Tags:
Australia Maidstone Management Business management with marketing University of New South Wales Masters in Business Administration
BSBHRM513 Manage Workforce Planning
Download :
0 | Pages :
20
Course Code: BSBHRM513
University: Tafe NSW
MyAssignmentHelp.com is not sponsored or endorsed by this college or university
Country: Australia
Answer:
Task 1
1.0 Data on staff turnover and demographics
That includes the staffing information of JKL industries for the fiscal year of 2014-15, it can be said that the company is having problems related to employee turnover. For the role of Senior Manager in Sydney, the organization needs 4 managers; however, one manager is exiting. It will make one empty position which might hurt the decision making process. On the other hand, In Brisba…
Read
More
MKT2031 Issues In Small Business And Entrepreneurship
Download :
0 | Pages :
5
Course Code: MKT2031
University: University Of Northampton
MyAssignmentHelp.com is not sponsored or endorsed by this college or university
Country: United Kingdom
Answer:
Entrepreneurial ventures
Entrepreneurship is the capacity and willingness to develop, manage, and put in order operations of any business venture with an intention to make profits despite the risks that may be involved in such venture. Small and large businesses have a vital role to play in the overall performance of the economy. It is, therefore, necessary to consider the difference between entrepreneurial ventures, individual, and c…
Read
More
Tags:
Turkey Istanbul Management University of Employee Masters in Business Administration
MN506 System Management
Download :
0 | Pages :
7
Course Code: MN506
University: Melbourne Institute Of Technology
MyAssignmentHelp.com is not sponsored or endorsed by this college or university
Country: Australia
Answer:
Introduction
An operating system (OS) is defined as a system software that is installed in the systems for the management of the hardware along with the other software resources. Every computer system and mobile device requires an operating system for functioning and execution of operations. There is a great use of mobile devices such as tablets and Smartphones that has increased. One of the widely used and implemented operating syste…
Read
More
Tags:
Australia Cheltenham Computer Science Litigation and Dispute Management University of New South Wales Information Technology
Next