Cyber Security Question

Description

In a perfect world, nothing bad would ever happen at your home or business. Assessing a company for risk would be straightforward and easy, and it would proceed without incident, as if it happened in isolation; the world (and hackers) would stop while you were completing your work. Unfortunately, that is not reality. An important element of risk assessment is understanding the ramifications of a risk if the worst case occurs: a threat exploits a vulnerability, allowing a hacker access to the system and network.


To help us understand what can happen if we do not properly assess risk and put minimization or elimination strategies in place, you are tasked with responding to an incident. Usually this is done by a separate team, but to provide this necessary experience, pretend you are on loan to Limetree’s incident response team. This is a cross-organizational team that includes database administrators and key personnel from the IT department, human resources, operations, and the accounts team (accounts receivable [money owed to Limetree], accounts payable [money Limetree owes to vendors], and payroll [money Limetree owes employees and taxation authorities]). Your job is to serve as an equal team member and respond if an incident occurs while you are working for Limetree.

Specifically, the following critical elements must be addressed:

Summarize the actions that should be taken to minimize the risk of the breach.
Discuss the precautions that should be taken to prevent a recurrence of this incident.
Recommend to management a process to limit the risk of this type of hack occurring in the future.

Incident Response Plan

While you are conducting a risk assessment for Limetree, an incident occurs. A hacker attempts to gain access to the customer database on a server located at the Limetree facility. Because of your knowledge, you are assigned to the incident response team. Any breach is important and serious, and while the hacker attempted to gain access, it is believed their attempt was unsuccessful. The specific details of the incident are included below.

At 3:08 a.m. Eastern Time, the account for Melize Dongan was successfully accessed and used to navigate the network. Melize Dongan is on vacation on a cruise and can’t be reached, so it is assumed it was not her attempting to access the system.

The hacker ran some simple commands from that account to determine the layout of the network and was able to determine the existence of several servers on the network.

The attempt to access the server with the customer database failed because the network did not use single sign-on and the hacker did not know the specific password for that database. When the username/password attempts were exhausted, a system warning went off in the operations center. Analysts identified the issue and locked the account, disabling the hacker's connection to the network.


ISE 510 Module Two Short Paper Guidelines and Rubric
Overview
You will review the scenario provided and, using the module resources, complete a short paper addressing the prompt provided below.
Prompt
Businesses and organizations in the United States are required to comply with applicable regulations and mandates within their industry vertical. These requirements evolved from unsafe or illegal actions perpetrated within the various industries. Not all businesses are required to comply with all laws and regulations, only the ones that are applicable. As an IT professional, you are responsible for understanding what laws, regulations, and mandates pertain to your business and industry to ensure the appropriate safeguards are in place to prevent or reduce risk. Having a good relationship with management is essential in order to reduce risk, as most managers control the departmental budget but may not understand the requirements or what is needed to implement appropriate safeguards to meet compliance. You may need to share your knowledge and experience with management to make them aware of the risks and to secure the appropriate financial budget for procurement of the required safeguards.
Specifically, the following critical elements must be addressed:
Identify appropriate best practices of PCI DSS specific to the company’s IT environment.
Identify the touch points between the objectives and requirements of PCI DSS and company’s IT environment.
Determine appropriate best practices to implement when taking steps to meet PCI DSS objectives and requirements.
Justify your reasoning for each identified best practice.
Create a report to management that is concise in form, but comprehensive in scope.
Scenario
PCI DSS Best Practices
At the request of several long-term clients, and to reduce the time it takes to fund a marketing project, Limetree’s senior management has recently decided to accept corporate credit cards. This is a new process and will require that Limetree comply with PCI DSS requirements. While PCI DSS is a private standard, compliance is required if an organization wants to accept credit cards.
As an IT professional of the company, you should make recommendations to IT management to implement best practices of PCI DSS.
What to Submit
Prepare a brief report of your findings for senior management to review. The report must be submitted as a 1- to 2-page Microsoft Word document with double spacing, 12-point Times New Roman font, one-inch margins. Any sources used must be cited in APA format.
Module Two Short Paper Rubric

Criteria: PCI DSS Best Practices (Value: 18)
Exemplary (100%): Exceeds proficiency in an exceptionally clear, insightful, sophisticated, or creative manner
Proficient (85%): Identifies appropriate best practices of PCI DSS specific to the company’s IT environment
Needs Improvement (55%): Shows progress toward proficiency, but with errors or omissions
Not Evident (0%): Does not attempt critical element

Criteria: Touch Points (Value: 18)
Exemplary (100%): Exceeds proficiency in an exceptionally clear, insightful, sophisticated, or creative manner
Proficient (85%): Identifies touch points between objectives and requirements of PCI DSS and company’s IT environment
Needs Improvement (55%): Shows progress toward proficiency, but with errors or omissions
Not Evident (0%): Does not attempt critical element

Criteria: Implementation (Value: 18)
Exemplary (100%): Exceeds proficiency in an exceptionally clear, insightful, sophisticated, or creative manner
Proficient (85%): Determines appropriate best practices to implement when taking steps to meet PCI DSS objectives and requirements
Needs Improvement (55%): Shows progress toward proficiency, but with errors or omissions
Not Evident (0%): Does not attempt critical element

Criteria: Justification (Value: 18)
Exemplary (100%): Exceeds proficiency in an exceptionally clear, insightful, sophisticated, or creative manner
Proficient (85%): Justifies reasoning for each chosen best practice
Needs Improvement (55%): Shows progress toward proficiency, but with errors or omissions
Not Evident (0%): Does not attempt critical element

Criteria: Conciseness (Value: 18)
Exemplary (100%): Exceeds proficiency in an exceptionally clear, insightful, sophisticated, or creative manner
Proficient (85%): Creates a report that is concise in form, but comprehensive in scope
Needs Improvement (55%): Shows progress toward proficiency, but with errors or omissions
Not Evident (0%): Does not attempt critical element

Criteria: Articulation of Response (Value: 10)
Exemplary (100%): Submission is free of errors related to citations, grammar, spelling, syntax, and organization and is presented in a professional and easy-to-read format
Proficient (85%): Submission has no major errors related to citations, grammar, spelling, syntax, or organization
Needs Improvement (55%): Submission has major errors related to citations, grammar, spelling, syntax, or organization that negatively impact readability and articulation of main ideas
Not Evident (0%): Submission has critical errors related to citations, grammar, spelling, syntax, or organization that prevent understanding of ideas

Total: 100%