25 Feb Please see attached file . it is a quick assignment please follow all questions and for question 4 talk about what you learned ?? I need the assigment in 3 hours?Homework_011.docx
Please see attached file . it is a quick assignment please follow all questions and for question 4 talk about what you learned ?
I need the assigment in 3 hours
NAME:
TODAY’S DATE:
ISEC 650 Homework 1
Please use APA style formatting.
Question 1
Download Government Accountability Office’s report from this URL: https://www.gao.gov/assets/700/694158.pdf
If the link is no longer available, then do a web search by using the term “GAO Actions Taken by Equifax and Federal Agencies in Response to the 2017 Breach”.
Please read the pages 10-17 of the document. (Start reading from this section: “Attackers Exploited Vulnerabilities That Equifax Subsequently Reported Taking Actions to Address” until this section: “Equifax Reported Taking Steps to Identify Affected Individual”)
1) Categorize the actions of the hackers by using the cyber kill chain method by filling out the table below. Note that if you cannot find any specific action for a step within the GAO document, you can use external resources or use your judgment on which methods the hackers might have used.
|
Cyber Kill Chain Step |
Actions of Hackers |
|
Reconnaissance |
|
|
Weaponization |
|
|
Delivery |
|
|
Exploitation |
|
|
Installation |
|
|
Command & Control |
|
|
Actions on Objectives |
Question 2
For the Equifax 2017 case, please provide two components of the attack surface by providing justifications. Please describe the attack vector that leads to the compromise of millions of SSNs.
Question 3
As a senior security engineer, what defense-in-depth actions would be the most suitable for minimizing the Equifax’s exposure to this attack? Explain each action and provide the rationale to support using each specific action.
Question 4 – Weekly Learning and Reflection
