Retrieved from https://studentshare.org/engineering-and-construction/1660125-preparation-for-the-professional-workplace
Preparation for the Professional Workplace

Event

In the context of this reflection paper, I would like to describe a situation when I faced multiple credential issues related to the appropriate storage and regular access of official data in the warehouse facility of our organization. I, being a system engineer, was assigned the role of repairing the system so as to mitigate employee complaints related to inaccessibility of organizational data. Eventually, I evaluated the system and attained an understanding that the organization’s warehouse setup was infected by a malicious code fragment that somehow managed to bypass the firewall system, as it was in a concealed form.
As a result, I preferred the utilization of online sandbox tools that I believed were effective enough in terms of appropriately evaluating the malware code and generating effective results, based on which I could understand the percentage of system data that was damaged. I preferred utilizing the Cuckoo sandbox tool, but despite my numerous attempts, the generated result was not appropriate due to the absence of certain extension files within the sandbox’s online database. Overall, my efforts did not provide me with the expected positive results due to the inappropriateness of the online tools (Cuckoo Foundation, 2014).

2. Causes of the Event

I believe that the intensive work pressure on the system administrators at the end of each working day was the main cause of this event.
The centralized pattern of this organization’s IS system can be considered as another reason that increased the workload on the system administrators. The entire event was a result of mere carelessness, where the administrators mistakenly allowed two suspicious mails into the main system without prior evaluation of the content within them. Both the mails were equipped with some sort of concealed malware codes that distorted the systematic arrangement of the system and even led to a considerable amount of data corruption.
Moreover, the time taken by me for evaluating the system was sufficient for the malware code fragment to cause considerable damage to the data accessibility gateways. This in turn halted the entire communication of the central branch with all other associated branches in different geographic locations (Cuckoo Foundation, 2014).

3. Mitigation Measures

Correspondingly, after the system damage, I wanted to examine the malware code myself in the standalone sandbox setup within our organization.
I felt that an effective understanding of the malware code might help me in generating its appropriate digital signature pattern, which I can eventually update within the databases of our organizational malware analysis tool. This will subsequently help the system administrators in identifying and eliminating further attacks from similar kinds of malware code fragments and thus improve the security aspects associated with the organization’s IS system. As a way of mitigating such future attacks, I suggested that the management install a proxy server and integrate it with our main server in order to identify and restrict such malicious codes in the transmission channel itself, before they even reach the central server and cause serious damage.
Moreover, as a technical suggestion, I would like to state that my organization should hire multiple other online sandbox tools rather than just relying on Cuckoo. The hired online sandboxes will have to be capable enough of analyzing the behavioral patterns of the malware code, which in turn is much more effective in comparison to that of the signature-based systems (Cuckoo Foundation, 2014).

Reference

Cuckoo Foundation. (2014). Cuckoo Sandbox Book. Retrieved from https://cuckoo.readthedocs.org/en/latest/