Conflicting Domestic Laws in Various Regions - Assignment Example

Part 1. Conflicting domestic laws in various regions: The main advantage of an e business is that it can target the global market. However there is always the threat of conflicting domestic laws. To overcome this, the terms and conditions have to be set up carefully. It is always better to get a digital signature from the customer complying to these terms. 2. Hacking of the network: There are a number of potential hacking threats and hence it is always better to ensure that all the data that is transferred to and from the server to be encrypted using Secure Socket Layers. 3. SQL Injection: This is a form of hacking where in SQL statements are executed using input boxes in an application. These can be avoided by adopting secure coding standards and checking for vulnerabilities using tools such as Acunetix, etc.., 4. Cross site scripting: This is commonly known as the XSS threat and again this can also be avoided by adhering to secure coding standards and using tools such as Acunetix. Acunetix provides a report on vulnerabilities, if any, and suggestions to correct them. 5. Identity theft: This is a very common issue for e businesses. The data collected from the customers should never be made accessible to all employees. It should be stored in an encrypted form in the database and should be revealed only on a need–to–know basis, even to the employees. 6. Fraudulent Payments: Credit card thefts result in fraudulent payments made. These can be avoided by using fraud management filters and manually verifying the payments with the customer. 7. Chargebacks: This is a major issue for e businesses dealing with digital goods, as there is no manual proof of delivery to the customer. In these cases, it is safer to take some kind of signed authorization from the customer via. a fax, so that there is a proof of purchase. 8. Remote Command Execution: This is a method in which a person can gain access to an application from a remote server and execute commands. This can be avoided by disabling remote and anonymous user access to the server and information. 9. Weak Authorization: If the e business application has a private members only control panel, the login process should be made secure. There are many cases of individuals logging into other people’s accounts. There are automated scripts that can be run to crack a password as well. Hence it is essential to set up a lock down procedure and a minimum number of unsuccessful login attempts. This will eliminate the threat of an automated login. 10. Price Manipulation: Many hackers have found ways to manipulate the prices or amount that has to be paid for products and thus manage to pay lesser prices. This can avoided by encrypting payment buttons. Part 2: a. White Hat A white hat can be referred to as a hacker with the ability to detect security weaknesses. However unlike other hackers who aim at gaining out of the weakness in the security, these hackers let the owner be aware of this before any harm can be done to the systems. These hackers use various methods to convey the message to the owners either directly or indirectly. This is also a service which is provided by a number of ex black hatters, i.e. people who hack with the intent of causing harm. b. Smurf Attack Internet Protocol is used to buy several programs to target specific parts of a network. These targeted parts of a network are attacked by denial of services. This is known as a Smurf attack. The Smurf attack has received its logic from some known characteristics of the IP Internet Protocol and the ICMP (Internet Control Message Protocol). ICMP is widely used by networks to identify operational nodes. This is done by sending ping messages via. ICMP and when the node returns an echo message in response, it is evident that the node is operational. In a Smurf attack, a network packet is inserted into a valid IP, which belongs to the intended victim. This network packet contains an embedded ICMP ping message directed to a network’s broadcast IP. This will result in the ping message being sent to all possible combinations of IP in that network. This ping message will result in echo responses from all valid IPs in the network being sent to the victim’s IP. This will result in flooding of the victim’s IP creating heavy traffic and thus making it unusable for real traffic. The best way to avoid this kind of Smurf attacks is to disable IP broadcasting. c. Honey Pot A program that is set up to attract and capture people who are trying to hack into another system is known as a Honey Pot. Though it many not catch any hackers, the program can give a high learning experience. d. Pulsing Zombie A pulsing zombie is designed to hack a computer system without the owner’s knowledge and then target specific parts of the network to weaken them. This program is designed to weaken the systems rather than destroying the data. e. Back Orifice Back Orifice was created by a group of hackers to expose the bugs and security vulnerabilities of the world’s number one operating system, Microsoft Windows. The name is derived from Microsoft’s Back Office program. f. Shoulder Surfing Shoulder surfing, as the name indicates, refers to literally looking over people’s shoulder to gather secure information, such as ATM PIN numbers, system passwords, etc. The only way to avoid this is to be extremely cautious in crowded places. g. Dumpster Diving Dumpster diving is a technique adopted to check the trash containers to get access codes, passwords, etc.., written on pieces of papers or notes. Any type of information including a phone list or a list of to – do’s or a meeting chart can be used to gain access to a network. This can be avoided by destroying all pieces of papers using a shredder. h. Root Kit Initially, a user- level access is gained into a network and then a root kit is installed. This root kit contains a collection of tools which delivers administrator level access to the intruder. i. War driving War driving refers to the unauthorized use of a series of wireless LANs (Local Area Networks) by driving through the locations and gaining access using an antenna and an Ethernet card. This can be prevented by safeguarding the wireless networks using the Wired Equivalent Privacy encryption standard, etc. j. Bucket Bridge Bucket bridge attacks are also known as man in the middle attacks. In this case, an attacker intercepts messages transmitted with public keys between two parties and changes it to his own public key. The best way to avoid this is to use a public certificate along with a private key, so that only the two parties can decipher the messages. k. Sand box The Sandbox contains a set of rules for providing system resources for the Java applets. Hence the Java applet programming has to be done to confine within the strict limitations provided by the Sand Box in regards to the system resources that can be requested by the application. l. Blow fish Blowfish is essentially an encryption algorithm designed as an alternative for the DES and IDEA algorithms. It utilizes a variable – length private key from 32 – 48 bits for encrypting data. It is developed as a license free program. m. Anonymous FTP This is a method where the File transfer Protocol is done anonymously without providing the identity to the server. Here the user needs to enter ‘anonymous’ as the id and a password which is a default password. This is mainly for public view or downloads. n. Brute Force This is a method which involves trial and error. This is used mainly to decode the data which is encrypted for instance, passwords. This does not involve any intellectual strategies but involves brutal force, thus the name. This is a relatively longer process. o. Hacktivism The breaking in or hacking of a system with social or political intensions is referred to as Hacktivism. This is similar to hacking; however this is mainly done to create a tension and disruption in the political or social scene. p. Chaffing Winnowing These are components that can be used to enhance the privacy without the need for encryption. This is generally done by sending and receiving of false packets which are readable only by the intended readers or the authorized recipients. q. Cracker This is referred to a person who can crack or break into someone else’s system by overcoming all the passwords and licenses of the computer and the computer programs. This can be done for both harmful intensions as well as a service. This is very different from a hacker. r. Crosstalk This is the disturbance that is created because of the overlap of signals from electric or magnetic fields with that in a circuit. This is also referred to as electromagnetic interference. This can take place within network circuits as well as micro circuits within audio equipments. s. Weenie This can be defined as three different individuals in three different scenarios. Firstly in a internet chatting group, it is referred to a person who disturbs and disrupts the entire conversation. In the world of hackers, it is referred to individual with extensive knowledge and high commitment. Lastly in a game world, it is for a new bee and who is destroyed at early stages in terrible ways. t. Walled Garden This is a program which restricts the use and access to web content and services. This provides a chance for users to specify the particular areas of the web where access is restricted and others where only select material is usable and accessible. u. Snoop server This is a server which utilizes programs like packet sniffer to gain details of the network traffic. This is used for analysis ok security risks, monitor employees, and any risk related activities. This program is mostly for servers and not for individual computers. v. Carnivore This is a surveillance system by the FBI to monitor all the electronic transmissions of criminal suspects. This system has been replaced with other software like packet sniffer which is used from commercial sources. Part 3 Consider the information stored on your personal computer. Do you, at this moment, have information stored in your computer that is critical to your personal life? If that information became compromised or lost, what effect would it have on you? It is very common for people to store important information in a personal computer (as it is a personal computer) and I am no different. For instance, I have all the passwords to my mails, bank accounts and other websites stored in my browser. If this information gets compromised, anybody can get access to my personal mails and bank accounts. In addition to invading into my privacy, they can change the passwords in all these accounts and this will lock me out of my own accounts forever. Part 4 What is the primary objective of the SecSDLC? What are its major steps, and what are the major objectives of each step? Answer: SecSDLC is a methodology used to create a comprehensive security posture. 1) Investigation - Often begins as directive from management specifying the process, outcomes, and goals of the project and its budget. Teams assembled to analyze problems, define scope, specify goals, and identify constraints. 2) Analysis A - preliminary analysis of existing security policies or programs is prepared along with known threats and current controls. Includes an analysis of relevant legal issues that could affect the design of the security solution. 3) Logical Design - team members create and develop a blueprint for security, and examine and implement key policies . 4) Physical Design - Team members evaluate the technology needed to support the security blueprint, generate alternative solutions, and agree upon a final design 5) Implementation - The security solutions are acquired, tested, implemented, and tested again 6) Maintenance - Once the information security program is implemented, it must be operated, properly managed, and kept up to date by means of established procedures Part 5 List and describe the four IR planning steps. ANSWER: detection Incident, response Incident, containment Incident, recovery Incident Part 6 What criteria should be used when considering whether or not to involve law enforcement agencies during an incident? ANSWER: What type of crime committed. What state? Part 7 List and describe the three approaches to policy development presented in the text. In your opinion, which is better suited for use by a smaller organization, and why? If the target organization were very much larger, which approach would be superior and why? Answer: The policy project six stages: development, dissemination, review, comprehension, compliance, and uniform enforcement ISPME - Gathering key reference materials Defining a framework for policies Preparing a coverage matrix Making critical systems design decisions Structuring review, approval, and enforcement processes NIST 800 18 - These policies are living documents that constantly change and grow. These documents must be properly disseminated (distributed, read, understood, and agreed to) and managed. Good management practices for policy development and maintenance make for a more resilient organization ISPME is probably the easiest solution for a small business, inherent in its name. It would be easy for a policy maker to follow that framework. Also a combination of these methods would be optimal. Large companies should follow the NIST 800 18 and support the standards in this policy. Because of a large organizations susceptibility to more threats and liabilities, following strict policy standards is vital. Part 8 What is a business continuity plan, and why is it important? ANSWER: BCP ensures critical business functions can continue in a disaster. It is managed by the CEO of organization. BCP is activated and executed concurrently with the DRP when needed. While BCP reestablishes critical functions at alternate site, DRP focuses on. reestablishment at the primary site. BCP relies on identification of critical business functions and the resources to support them Part 9 What is a business impact analysis and what is it used for? ANSWER: BIA provides information about systems and threats and provides detailed scenarios for each potential attack. BIA is not risk management, which focuses on identifying threats, vulnerabilities, and attacks to determine controls. It assumes controls have been bypassed or are ineffective, and attack was successful. Part 10 Why is the C.I.A. triangle significant? Is it widely referenced? Answer: It is founded on the three most essential characteristics of information security, when first put forth. Yes, it is widely referenced and now covers more dimensions of information security. Read More