R_C843_Task_1.docx C843Managing Information Security KOP1 TASK 1: Analysis Response Table of Contents A. Exploited Vulnerabilities3 B. Confidentiality, Integrity, and Availability4 C. Federal Regulations5 D. Impac
...
R_C843_Task_1.docx C843Managing Information Security KOP1 TASK 1: Analysis Response Table of Contents A. Exploited Vulnerabilities3 B. Confidentiality, Integrity, and Availability4 C. Federal Regulations5 D. Impact Mitigation6 E. Incident Response6 F. Compliance with Federal Regulations7 G. Technical Controls8 H. Organizational Structure8 I. Risk Management9 J.Citations11 A: Exploited Vulnerabilities After careful review, there were a number of identified reasons why the attack on Azumer Water was successful. Overall, Azumer Water did not adhere to an adequate level of security hygiene nor did they follow the recommended industry security best practices. More specifically, Azumer Water did not implement any sort of end user training such as Security Awareness Training and Education (SATE). This lack of training paired with several other vulnerabilities such as a lack of password complexity, password change frequency, user access control, and firewall configuration standards, led to a full compromise of Azumers database. In this case, John Smith received a phishing email that was designed to capture his attention and coerce him to click a malicious link. Upon doing so, the hacktivist group Elecktores obtained access to the Azumer Water volunteer database. In reviewing the email received by John, it was noted that anyone with the minimum level of SATE training would have found that this email was very a. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. . . . . .. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. . .. .. . . . . . . . . . . . . . . . . . .. . . . .
[Show More]
