This story should be a minimum of 5 single space pages in length and font size 12. Your story can...

Question

This story should be a minimum of 5 single space pages in length and font size 12. Your story can take this forms: (1) describe the potential compromising of the security around a valued asset.The story should be broken down into the following stages:

Act I - Here we learn about the particular asset that is being protected/attacked. We should be introduced to at least one good guy that is defending this asset. We should also get an overview of the types of defenses that are in place to protect the asset.

Act II - Here we are introduced to the bad guy(s). We should learn a bit of their motivation for wanting to acquire the asset. We should also get a broad overview of the plan to compromise the security surrounding the asset.

Act III - The attack begins. Detailed steps should be given as the bad guy(s) execute their attack plan and how the security system/good guy(s) are reacting to each step of this attack. The action in this act should end as the attackers encounter an unexpected problem that threatens their success.

Act IV - In this final act, we begin by solving the dilemma encountered at the end of Act III. The action then completes as the final stages of the attack unfold, resulting in either the successful attainment of the desired asset, or in a failed attack. Plot twists are welcome.

Epilogue - In this short ending, we examine what happens after the action is over. Do the bad guys enjoy the spoils of victory, or suffer the consequences of defeat?

David · Accepted Answer

Running head: APA TYPING TEMPLATE
Running head: A Story about Computer Security Incident          1 
Introduction 
This is story about a computer security incident occurred in XYZ company. XYZ Company is an 
information technology service provider organization which has many clients all over the world. 
The organization has many internal employees as well as external employees. It is linked with 
various partners, vendors and other third party organizations. All the assets of the organization 
are accessible through LAN and WAN.
Act I 
 
The crucial assets of the company are its database and web services. The database contains the 
important information like employee records, vendors record, projects record including names, 
SSN no, account details, contact addresses, project details, etc. This database contains the crucial 
information which no company can afford to compromise. Web services are the services 
provided to its employees through internet, for example, the employees have the access to 
company’s portal and webmail. Through the web-portal they can access the company’s policies, 
project details, etc. Employees can request for an asset through this portal as per the 
requirements. Employees access their official e-mails through the web-mail service provided to 
them. The assets mentioned above are very critical and so needs to be protected. Attackers or 
Intruders always try to attack these assets so that they can access the crucial information.  
It is the responsibility of Security Administrator to protect the important assets of the 
organization. Security Administrators have very important role. The security of the crucial assets 
of the organization depends upon them. So to protect the software, various security measures are 
implemented which are discussed below:
Restricted Access 
Database server and the host machine are installed in a different server room where the employee 
access is limited. Password authentication is provided to both the servers. So, the one who knows 
the password can only login into the server machines.  
Multifactor Authentication 
This authentication is based on Biometric authentication mechanisms. Thumb impressions are 
the most common type of biometric authentication. Others metrics are Iris-scan and voiceprint. 
Multifactor authentication is implemented in the organization to improve the security of the 
system.  
RBAC 
RBAC stands for Role Based Access Policy. IT means the employees get the access depending 
upon their role in the organization. For example, a manager will have the different access rights 
as compared to his subordinates. RBAC policy is implemented in the organization so that the 
access rights can be effectively managed at the central level and an impartial system can be 
developed.  
Logging 
All the activities going through these servers are recorded into log files. Whenever a user try to 
login into the database server, his credentials will be recorded in the log file, including the time 
and duration of login. All the activities carried by the employee on the server are also recorded. 
To execute the file, employees need to have administrator privileges, so only the admin user can 
execute the files on the server. 
COMPUTER SECURITY INCIDENT 2 
Act II 
 
Bad guys are those who want to have unauthorized access to the important assets of an 
organization. There are many types of Bad Guys and their classification depends upon their role 
and actions. Some bad guys want to have the unauthorized access just to prove their power and 
capabilities to others. Some do it just for fun. But these attacks are very dangerous if have 
serious intentions behind it. These intentions may be the result of a business rivalry or cyber 
criminal attack on the nation. Cyber attacks are increasing day by day. 
A group of person is trying to gain the access to the authorized and crucial server of the XYZ 
Company so that they can steal the important information and then they can force the system to 
shut down. These professional hackers are hired by a rivalry business Company so that they can 
gain the access to the crucial information of the XYZ Company. And the company will suffer 
through a high loss in business which will shake its position in the market and obviously the 
rivalry company will gain huge benefits from it.  
Hackers created a professional plan for the same. They installed scanning tools which scanned 
the system or the resources of the organization to find out the loop holes or the vulnerabilities in 
the system. Their main aim is to have the unauthorized access to the crucial resources of the 
organization so that either they can steal the important information or they just want to disturbed 
the whole system. Sometimes they gain as much access as is sufficient to control the whole 
system, so that they can easily force the system shut down.

This story should be a minimum of 5 single space pages in length and font size 12. Your story can take this forms: (1) describe the potential compromising of the security around a valued asset.The...

Answer To: This story should be a minimum of 5 single space pages in length and font size 12. Your story can...

Answer To This Question Is Available To Download

Related Questions & Answers

Submit New Assignment