Cis 502 Week 3 Case Study

In: Computers and Technology

Submitted By quin
Words 1313
Pages 6
RUNNING HEAD: Advanced Persistent Threats Against RSA Tokens 1

Advanced Persistent Threats Against RSA Tokens
McQuinda Johnson
Dr. Al Oluyomi
CIS 502
January 27, 2014

Advanced Persistent Threats Against RSA Tokens 2 An evolution in the goals and sophistication of computer network intrusions has rendered these approaches insufficient for the threats facing many modern networked organizations. A new class of adversaries, appropriately dubbed the “Advanced Persistent Threat” (APT), represents well-resourced and trained adversaries that conduct multi-year intrusion campaigns targeting highly sensitive and valuable data in an attempt to gain a competitive edge, particularly in international business and law, or nation-state political and military affairs. These adversaries accomplish their goals using advanced tools and techniques designed to circumvent most conventional computer network defense mechanisms and remain undetected in their intrusion efforts or presence on networks over long periods of time. Network defense techniques which leverage knowledge about these adversaries can enable defenders to establish a state of information superiority which decreases the adversary’s likelihood of success with each subsequent intrusion attempt. Threat intelligence can be a force multiplier as organizations look to update their security programs and defenses to deal with increasingly sophisticated advanced persistent threats. Security managers need accurate, timely and detailed information to continuously monitor new and evolving attacks, and methods to exploit this information in furtherance of an improved defensive posture. Make no mistake about it: concurrent computer network defense contains a strong element of intelligence and counterintelligence that analysts and managers alike must understand and leverage. The tokens are the market leader…...

Similar Documents

Cis 502 Week 3 Case Study

...RUNNING HEAD: Advanced Persistent Threats Against RSA Tokens 1 Advanced Persistent Threats Against RSA Tokens McQuinda Johnson Dr. Al Oluyomi CIS 502 January 27, 2014 Advanced Persistent Threats Against RSA Tokens 2 An evolution in the goals and sophistication of computer network intrusions has rendered these approaches insufficient for the threats facing many modern networked organizations. A new class of adversaries, appropriately dubbed the “Advanced Persistent Threat” (APT), represents well-resourced and trained adversaries that conduct multi-year intrusion campaigns targeting highly sensitive and valuable data in an attempt to gain a competitive edge, particularly in international business and law, or nation-state political and military affairs. These adversaries accomplish their goals using advanced tools and techniques designed to circumvent most conventional computer network defense mechanisms and remain undetected in their intrusion efforts or presence on networks over long periods of time. Network defense techniques which leverage knowledge about these adversaries can enable defenders to establish a state of information superiority which decreases the adversary’s likelihood of success with each subsequent intrusion attempt. Threat intelligence can be a force multiplier as organizations look to update their security programs and defenses to deal with increasingly sophisticated advanced persistent threats. Security managers need accurate,......

Words: 1313 - Pages: 6

Cis 502 Week 8 Case Study 4 Strayer Latest

...CIS 502 WEEK 8 CASE STUDY 4 STRAYER LATEST To purchase this visit following link: https://coursehomework.com/product/cis-502-week-8-case-study-4-strayer-latest/ Contact us at: HELP@COURSEHOMEWORK.COM CIS 502 WEEK 8 CASE STUDY 4 STRAYER LATEST Case Study 4: Remote Access Attacks Due Week 8 and worth 100 points TAPE LIBRARY Remote Tape Library BLDG 3 4-Windows PC Ethernet Router Firewall 3-CISCO IDS Sensors 28-Windows PC Ethernet BLDG 4 30-Windows PC Ethernet BLDG 2 Main Bldg 10-Terminals 40 Windows PCs ROOM 10 10-Terminals
RADIUS SERVER Firewall VPN Server WEB Server IDS Monitor 2-File Servers UNIX SYSTEM V Ethernet 8-DISK DRIVES 4-Tape drive System 1000 Quick Finance Company Network Diagram Above is the Quick Finance Company network diagram. The company is a small business and does not invest much in security protection. System 1000 hosts a customer database as well as employee payroll systems. The company Web server has been defaced twice this month and the VPN server has suffered from session hijacking and Denial-of-Service (DOS) attacks twice last year. The company does not enforce a password policy and does not have a dedicated security professional. Write a five to eight (5-8) page paper in which you: 1. Analyze the Quick Finance Company Network Diagram and describe the assumptions you will need to make in order to identify vulnerabilities and recommend mitigation techniques as there is no further information from this company. The......

Words: 553 - Pages: 3

Cis 502 Week 7 Case Study 3 Strayer Latest

...CIS 502 WEEK 7 CASE STUDY 3 STRAYER LATEST To purchase this visit following link: https://coursehomework.com/product/cis-502-week-7-case-study-3-strayer-latest/ Contact us at: HELP@COURSEHOMEWORK.COM CIS 502 WEEK 7 CASE STUDY 3 STRAYER LATEST CASE STUDY 3: MOBILE DEVICES SECURITY Due Week 7 and worth 100 points The use of mobile devices is prevalent and growing rapidly as users heavily depend on them. Unfortunately, attackers follow the money and user population. In addition, mobile devices do not receive patches for their vulnerabilities. The Zeus-in-the-Mobile (ZitMo) attack against Android users is an example defeating the emerging technology to steal user’s credentials and ultimately money. Mobile devices can also spread malware. Read the article titled, “Mobile device attacks surge”, located at http://www.treasuryandrisk.com/2011/02/08/pr-mobile-device-attacks-surge, and FIPS 140-2 Security Policy, located at http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140sp/140sp1648.pdf. In addition, read the report titled, “Emerging Cyber Threats 2012”, located at http://www.gtisc.gatech.edu/doc/emerging_cyber_threats_report2012.pdf Write a five to eight (5-8) page paper in which you: 1. Describe the emerging cybersecurity issues and vulnerabilities presented in the “Emerging Cyber Threats 2012” report. 2. Analyze vulnerabilities of mobile devices in regard to usability and scale based on your research and suggest methods to mitigate the vulnerabilities of mobile......

Words: 551 - Pages: 3

Cis 502 Week 4 Case Study 2 Strayer Latest

...CIS 502 WEEK 4 CASE STUDY 2 STRAYER LATEST To purchase this visit following link: https://coursehomework.com/product/cis-502-week-4-case-study-2-strayer-latest/ Contact us at: HELP@COURSEHOMEWORK.COM CIS 502 WEEK 4 CASE STUDY 2 STRAYER LATEST Case Study 2: Social Engineering Attacks and Counterintelligence Due Week 4 and worth 100 points Social engineering attacks and counterintelligence have major impacts to our national security. In July 2010, the Afghan War Diary was released in WikiLeaks. In October 2010, WikiLeaks also released the largest military leak in history – the Iraq War Logs revealing the war occupation in Iraq. This type of information is considered as classified data by the Department of Defense. Read the article titled, “WikiLeaks Releases 400,000 Classified US Military Files”, located at http://www.voanews.com/english/news/WikiLeaks-Releases-400000-Classified-US-Military-Files- 105568738.html, and then read the article titled, “WikiLeaks: At Least 109,000 Killed During Iraq War”, located at http://abcnews.go.com/Politics/wikileaks-109000-deaths-iraq- war/story?id=11949670#.TyicXlxrOQo. Write a five to eight (5-8) page paper in which you: 1. Describe what social engineering and counterintelligence are and their potential implications to our national security in regard to the leaked Afghan War Diary and the Iraq War Logs. 2. Examine the importance of forming a sound information security workforce and describe the challenges faced by organizations......

Words: 521 - Pages: 3

Cis 502 Week 4 Case Study 2 Strayer Latest

...CIS 502 WEEK 4 CASE STUDY 2 STRAYER LATEST To purchase this visit following link: https://coursehomework.com/product/cis-502-week-4-case-study-2-strayer-latest/ Contact us at: HELP@COURSEHOMEWORK.COM CIS 502 WEEK 4 CASE STUDY 2 STRAYER LATEST Case Study 2: Social Engineering Attacks and Counterintelligence Due Week 4 and worth 100 points Social engineering attacks and counterintelligence have major impacts to our national security. In July 2010, the Afghan War Diary was released in WikiLeaks. In October 2010, WikiLeaks also released the largest military leak in history – the Iraq War Logs revealing the war occupation in Iraq. This type of information is considered as classified data by the Department of Defense. Read the article titled, “WikiLeaks Releases 400,000 Classified US Military Files”, located at http://www.voanews.com/english/news/WikiLeaks-Releases-400000-Classified-US-Military-Files- 105568738.html, and then read the article titled, “WikiLeaks: At Least 109,000 Killed During Iraq War”, located at http://abcnews.go.com/Politics/wikileaks-109000-deaths-iraq- war/story?id=11949670#.TyicXlxrOQo. Write a five to eight (5-8) page paper in which you: 1. Describe what social engineering and counterintelligence are and their potential implications to our national security in regard to the leaked Afghan War Diary and the Iraq War Logs. 2. Examine the importance of forming a sound information security workforce and describe the challenges faced by organizations......

Words: 521 - Pages: 3

Cis 502 Week 3 Case Study 1 Strayer Latest

...CIS 502 WEEK 3 CASE STUDY 1 STRAYER LATEST To purchase this visit following link: https://coursehomework.com/product/cis-502-week-3-case-study-1-strayer-latest/ Contact us at: HELP@COURSEHOMEWORK.COM CIS 502 WEEK 3 CASE STUDY 1 STRAYER LATEST Case Study 1: Advanced Persistent Threats Against RSA Tokens Due Week 3 and worth 100 points Authentication breach by impersonation or password crack has been popular for attackers to breach our assets. The latest RSA APT attack to breach one of the most secure RSA tokens alerted the industry and reminded all of us that there is no security that can last forever. We must remain vigilant and stay ahead of the game. Read the following documents: • “APT Summit Findings” located in the online course shell • “RSA Security Brief” located in the online course shell Write a five to eight (5-8) page paper in which you: 1. Analyze the Advanced Persistent Threats (APT) Summit Findings article as well as the RSA Security Brief article and identify the vulnerabilities that existed in the system. 2. Analyze the attack methods carried out in pursuit of the authentication breach and explain which methods were successful and why. 3. Suggest three (3) techniques or methods to protect against APT attacks in the future as the CSO for a large organization. 4. Determine what types of technologies would help alleviate the problems identified in the articles assuming you are the CSO or CTO in an organization. 5. Use at least three (3) quality......

Words: 463 - Pages: 2

Cis 502 Week 3 Case Study 1 Strayer New

...CIS 502 WEEK 3 CASE STUDY 1 STRAYER NEW To purchase this visit following link: http://www.activitymode.com/product/cis-502-week-3-case-study-1-strayer-new/ Contact us at: SUPPORT@ACTIVITYMODE.COM CIS 502 WEEK 3 CASE STUDY 1 STRAYER NEW Case Study 1: Advanced Persistent Threats Against RSA Tokens Due Week 3 and worth 100 points Authentication breach by impersonation or password crack has been popular for attackers to breach our assets. The latest RSA APT attack to breach one of the most secure RSA tokens alerted the industry and reminded all of us that there is no security that can last forever. We must remain vigilant and stay ahead of the game. Read the following documents: • “APT Summit Findings” located in the online course shell • “RSA Security Brief” located in the online course shell Write a five to eight (5-8) page paper in which you: 1. Analyze the Advanced Persistent Threats (APT) Summit Findings article as well as the RSA Security Brief article and identify the vulnerabilities that existed in the system. 2. Analyze the attack methods carried out in pursuit of the authentication breach and explain which methods were successful and why. 3. Suggest three (3) techniques or methods to protect against APT attacks in the future as the CSO for a large organization. 4. Determine what types of technologies would help alleviate the problems identified in the articles assuming you are the CSO or CTO in an organization. 5. Use at least three (3) quality resources...

Words: 867 - Pages: 4

Cis 502 Week 4 Case Study 2 Strayer New

...CIS 502 WEEK 4 CASE STUDY 2 STRAYER NEW To purchase this visit following link: http://www.activitymode.com/product/cis-502-week-4-case-study-2-strayer-new/ Contact us at: SUPPORT@ACTIVITYMODE.COM CIS 502 WEEK 4 CASE STUDY 2 STRAYER NEW Case Study 2: Social Engineering Attacks and Counterintelligence Due Week 4 and worth 100 points Social engineering attacks and counterintelligence have major impacts to our national security. In July 2010, the Afghan War Diary was released in WikiLeaks. In October 2010, WikiLeaks also released the largest military leak in history – the Iraq War Logs revealing the war occupation in Iraq. This type of information is considered as classified data by the Department of Defense. Read the article titled, “WikiLeaks Releases 400,000 Classified US Military Files”, located at http://www.voanews.com/english/news/WikiLeaks-Releases-400000-Classified-US-Military-Files- 105568738.html, and then read the article titled, “WikiLeaks: At Least 109,000 Killed During Iraq War”, located at http://abcnews.go.com/Politics/wikileaks-109000-deaths-iraq- war/story?id=11949670#.TyicXlxrOQo. Write a five to eight (5-8) page paper in which you: 1. Describe what social engineering and counterintelligence are and their potential implications to our national security in regard to the leaked Afghan War Diary and the Iraq War Logs. 2. Examine the importance of forming a sound information security workforce and describe the challenges faced by organizations in......

Words: 983 - Pages: 4

Cis 502 Week 7 Case Study 3 Strayer New

...CIS 502 WEEK 7 CASE STUDY 3 STRAYER NEW To purchase this visit following link: http://www.activitymode.com/product/cis-502-week-7-case-study-3-strayer-new/ Contact us at: SUPPORT@ACTIVITYMODE.COM CIS 502 WEEK 7 CASE STUDY 3 STRAYER NEW CASE STUDY 3: MOBILE DEVICES SECURITY Due Week 7 and worth 100 points The use of mobile devices is prevalent and growing rapidly as users heavily depend on them. Unfortunately, attackers follow the money and user population. In addition, mobile devices do not receive patches for their vulnerabilities. The Zeus-in-the-Mobile (ZitMo) attack against Android users is an example defeating the emerging technology to steal user’s credentials and ultimately money. Mobile devices can also spread malware. Read the article titled, “Mobile device attacks surge”, located at http://www.treasuryandrisk.com/2011/02/08/pr-mobile-device-attacks-surge, and FIPS 140-2 Security Policy, located at http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140sp/140sp1648.pdf. In addition, read the report titled, “Emerging Cyber Threats 2012”, located at http://www.gtisc.gatech.edu/doc/emerging_cyber_threats_report2012.pdf Write a five to eight (5-8) page paper in which you: 1. Describe the emerging cybersecurity issues and vulnerabilities presented in the “Emerging Cyber Threats 2012” report. 2. Analyze vulnerabilities of mobile devices in regard to usability and scale based on your research and suggest methods to mitigate the vulnerabilities of mobile devices...

Words: 1043 - Pages: 5

Cis 502 Week 8 Case Study 4 Strayer New

...CIS 502 WEEK 8 CASE STUDY 4 STRAYER NEW To purchase this visit following link: http://www.activitymode.com/product/cis-502-week-8-case-study-4-strayer-new/ Contact us at: SUPPORT@ACTIVITYMODE.COM CIS 502 WEEK 8 CASE STUDY 4 STRAYER LATEST Case Study 4: Remote Access Attacks Due Week 8 and worth 100 points TAPE LIBRARY Remote Tape Library BLDG 3 4-Windows PC Ethernet Router Firewall 3-CISCO IDS Sensors 28-Windows PC Ethernet BLDG 4 30-Windows PC Ethernet BLDG 2 Main Bldg 10-Terminals 40 Windows PCs ROOM 10 10-Terminals
RADIUS SERVER Firewall VPN Server WEB Server IDS Monitor 2-File Servers UNIX SYSTEM V Ethernet 8-DISK DRIVES 4-Tape drive System 1000 Quick Finance Company Network Diagram Above is the Quick Finance Company network diagram. The company is a small business and does not invest much in security protection. System 1000 hosts a customer database as well as employee payroll systems. The company Web server has been defaced twice this month and the VPN server has suffered from session hijacking and Denial-of-Service (DOS) attacks twice last year. The company does not enforce a password policy and does not have a dedicated security professional. Write a five to eight (5-8) page paper in which you: 1. Analyze the Quick Finance Company Network Diagram and describe the assumptions you will need to make in order to identify vulnerabilities and recommend mitigation techniques as there is no further information from this company. The......

Words: 553 - Pages: 3

Cis 502 Week 3 Case Study 1 Strayer New

...CIS 502 WEEK 3 CASE STUDY 1 STRAYER NEW To purchase this visit following link: http://www.activitymode.com/product/cis-502-week-3-case-study-1-strayer-new/ Contact us at: SUPPORT@ACTIVITYMODE.COM CIS 502 WEEK 3 CASE STUDY 1 STRAYER NEW Case Study 1: Advanced Persistent Threats Against RSA Tokens Due Week 3 and worth 100 points Authentication breach by impersonation or password crack has been popular for attackers to breach our assets. The latest RSA APT attack to breach one of the most secure RSA tokens alerted the industry and reminded all of us that there is no security that can last forever. We must remain vigilant and stay ahead of the game. Read the following documents: • “APT Summit Findings” located in the online course shell • “RSA Security Brief” located in the online course shell Write a five to eight (5-8) page paper in which you: 1. Analyze the Advanced Persistent Threats (APT) Summit Findings article as well as the RSA Security Brief article and identify the vulnerabilities that existed in the system. 2. Analyze the attack methods carried out in pursuit of the authentication breach and explain which methods were successful and why. 3. Suggest three (3) techniques or methods to protect against APT attacks in the future as the CSO for a large organization. 4. Determine what types of technologies would help alleviate the problems identified in the articles assuming you are the CSO or CTO in an organization. 5. Use at least three (3) quality resources...

Words: 1300 - Pages: 6

Cis 502 Week 4 Case Study 2 Strayer New

...CIS 502 WEEK 4 CASE STUDY 2 STRAYER NEW To purchase this visit following link: http://www.activitymode.com/product/cis-502-week-4-case-study-2-strayer-new/ Contact us at: SUPPORT@ACTIVITYMODE.COM CIS 502 WEEK 4 CASE STUDY 2 STRAYER NEW Case Study 2: Social Engineering Attacks and Counterintelligence Due Week 4 and worth 100 points Social engineering attacks and counterintelligence have major impacts to our national security. In July 2010, the Afghan War Diary was released in WikiLeaks. In October 2010, WikiLeaks also released the largest military leak in history – the Iraq War Logs revealing the war occupation in Iraq. This type of information is considered as classified data by the Department of Defense. Read the article titled, “WikiLeaks Releases 400,000 Classified US Military Files”, located at http://www.voanews.com/english/news/WikiLeaks-Releases-400000-Classified-US-Military-Files- 105568738.html, and then read the article titled, “WikiLeaks: At Least 109,000 Killed During Iraq War”, located at http://abcnews.go.com/Politics/wikileaks-109000-deaths-iraq- war/story?id=11949670#.TyicXlxrOQo. Write a five to eight (5-8) page paper in which you: 1. Describe what social engineering and counterintelligence are and their potential implications to our national security in regard to the leaked Afghan War Diary and the Iraq War Logs. 2. Examine the importance of forming a sound information security workforce and describe the challenges faced by organizations in......

Words: 1474 - Pages: 6

Cis 502 Week 7 Case Study 3 Strayer New

...CIS 502 WEEK 7 CASE STUDY 3 STRAYER NEW To purchase this visit following link: http://www.activitymode.com/product/cis-502-week-7-case-study-3-strayer-new/ Contact us at: SUPPORT@ACTIVITYMODE.COM CIS 502 WEEK 7 CASE STUDY 3 STRAYER NEW CASE STUDY 3: MOBILE DEVICES SECURITY Due Week 7 and worth 100 points The use of mobile devices is prevalent and growing rapidly as users heavily depend on them. Unfortunately, attackers follow the money and user population. In addition, mobile devices do not receive patches for their vulnerabilities. The Zeus-in-the-Mobile (ZitMo) attack against Android users is an example defeating the emerging technology to steal user’s credentials and ultimately money. Mobile devices can also spread malware. Read the article titled, “Mobile device attacks surge”, located at http://www.treasuryandrisk.com/2011/02/08/pr-mobile-device-attacks-surge, and FIPS 140-2 Security Policy, located at http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140sp/140sp1648.pdf. In addition, read the report titled, “Emerging Cyber Threats 2012”, located at http://www.gtisc.gatech.edu/doc/emerging_cyber_threats_report2012.pdf Write a five to eight (5-8) page paper in which you: 1. Describe the emerging cybersecurity issues and vulnerabilities presented in the “Emerging Cyber Threats 2012” report. 2. Analyze vulnerabilities of mobile devices in regard to usability and scale based on your research and suggest methods to mitigate the vulnerabilities of mobile devices...

Words: 1564 - Pages: 7

Cis 502 Week 8 Case Study 4 Strayer New

...CIS 502 WEEK 8 CASE STUDY 4 STRAYER NEW To purchase this visit following link: http://www.activitymode.com/product/cis-502-week-8-case-study-4-strayer-new/ Contact us at: SUPPORT@ACTIVITYMODE.COM CIS 502 WEEK 8 CASE STUDY 4 STRAYER LATEST Case Study 4: Remote Access Attacks Due Week 8 and worth 100 points TAPE LIBRARY Remote Tape Library BLDG 3 4-Windows PC Ethernet Router Firewall 3-CISCO IDS Sensors 28-Windows PC Ethernet BLDG 4 30-Windows PC Ethernet BLDG 2 Main Bldg 10-Terminals 40 Windows PCs ROOM 10 10-Terminals
RADIUS SERVER Firewall VPN Server WEB Server IDS Monitor 2-File Servers UNIX SYSTEM V Ethernet 8-DISK DRIVES 4-Tape drive System 1000 Quick Finance Company Network Diagram Above is the Quick Finance Company network diagram. The company is a small business and does not invest much in security protection. System 1000 hosts a customer database as well as employee payroll systems. The company Web server has been defaced twice this month and the VPN server has suffered from session hijacking and Denial-of-Service (DOS) attacks twice last year. The company does not enforce a password policy and does not have a dedicated security professional. Write a five to eight (5-8) page paper in which you: 1. Analyze the Quick Finance Company Network Diagram and describe the assumptions you will need to make in order to identify vulnerabilities and recommend mitigation techniques as there is no further information from this company. The......

Words: 1105 - Pages: 5

Cis 502 Week 7 Case Study 3 - Mobile Devices Security

...CIS 502 Week 7 Case Study 3 - Mobile Devices Security Click Link Below To Buy: http://hwaid.com/shop/cis-502-week-7-case-study-3-mobile-devices-security/ The use of mobile devices is prevalent and growing rapidly as users heavily depend on them. Unfortunately, attackers follow the money and user population. In addition, mobile devices do not receive patches for their vulnerabilities. The Zeus-in-the-Mobile (ZitMo) attack against Android users is an example defeating the emerging technology to steal user s credentials and ultimately money. Mobile devices can also spread malware. Read the article titled, Mobile device attacks surge andFIPS 140-2 Security Policy. In addition, read the report titled, Emerging Cyber Threats 2012. Write a five to eight (5-8) page paper in which you: 1. Describe the emerging cybersecurity issues and vulnerabilities presented in the Emerging Cyber Threats 2012 report. 2. Analyze vulnerabilities of mobile devices in regard to usability and scale based on your research and suggest methods to mitigate the vulnerabilities of mobile devices. 3. Assess and describe the value of cryptography and encryption in regard to Equifax s approach to implementing stronger security policies around mobile devices. 4. Justify Gunter Ollmann s comments about Zeus-in-the-Mobile (ZitMo) and describe the implications of advanced security breaches such as this. 5. Several challenges of controlling information......

Words: 302 - Pages: 2