Description
For this assignment, you will provide a profile of the organization in the final project scenario and describe the details of the breach incident.Specifically, you must address the following critical elements:Introduction: Provide a brief profile of LimeTree Inc. In your profile, you could consider the industry in which the business or organization operates and the product or service that is its focus.Security Breach: In this section, you will analyze the current information security breach at Limetree Inc., describing the business or organizational unit that has been affected by this breach and explaining how the breach occurred.Attack Location: Analyze the security breach that occurred to determine what part of the business or organization was attacked.Attack Method and Type: Analyze the security breach to determine the method and type used to effect the attack.Vulnerabilities: Discuss the vulnerabilities of the business or organization that were exploited and how the vulnerabilities were discovered.
Unformatted Attachment Preview
ISE 510 Milestone One Guidelines and Rubric
Security Breach
Overview
You have been hired as a cybersecurity professional to conduct a security assessment on Limetree Inc.’s systems and processes to identify the root cause of the security breach and discover additional
vulnerabilities that could impact Limetree’s operation in the future. Your assessment of Limetree Inc.’s environment will be conducted by reviewing the Final Project Scenario document (located in
Module Three of your course). For part of this assessment, you will incorporate into your analysis the results of the interview with Jack Sterling (security manager) found in the scenario, and you will be
able to identify vulnerabilities related to systems security, personnel and administrative security, and physical security, relating these to the breach from your physical vulnerabilities short paper in
Module Three.
Prompt
For this assignment, you will provide a profile of the organization in the final project scenario and describe the details of the breach incident.
Specifically, you must address the following critical elements:
I. Introduction: Provide a brief profile of LimeTree Inc. In your profile, you could consider the industry in which the business or organization operates and the product or service that is its focus.
II. Security Breach: In this section, you will analyze the current information security breach at Limetree Inc., describing the business or organizational unit that has been affected by this breach and
explaining how the breach occurred.
A. Attack Location: Analyze the security breach that occurred to determine what part of the business or organization was attacked.
B. Attack Method and Type: Analyze the security breach to determine the method and type used to effect the attack.
C. Vulnerabilities: Discuss the vulnerabilities of the business or organization that were exploited and how the vulnerabilities were discovered.
What to Submit
Your paper must be submitted as a 2- to 3-page Microsoft Word document with double spacing, 12-point Times New Roman font, one-inch margins, and at least three sources cited in APA format.
Milestone One Rubric
Criteria
Exemplary (100%)
Proficient (85%)
Needs Improvement (55%)
Not Evident (0%)
Value
Introduction
Exceeds proficiency in an
exceptionally clear, insightful,
sophisticated, or creative
manner
Provides a brief profile of the
business or organization that has
been compromised or breached
Shows progress toward
proficiency, but with errors or
omissions
Does not attempt critical
element
22
Security Breach: Attack
Location
Exceeds proficiency in an
exceptionally clear, insightful,
Analyzes the security breach that
occurred to determine what part
Shows progress toward
proficiency, but with errors or
Does not attempt critical
element
22
Location
exceptionally clear, insightful,
sophisticated, or creative
manner
occurred to determine what part
of the business or organization
was attacked
proficiency, but with errors or
omissions
element
Security Breach: Attack
Method and Type
Exceeds proficiency in an
exceptionally clear, insightful,
Analyzes the security breach to
determine the method and type
Shows progress toward
proficiency, but with errors or
Does not attempt critical
element
22
sophisticated, or creative
manner
used to effect the attack
omissions
Exceeds proficiency in an
exceptionally clear, insightful,
sophisticated, or creative
manner
Discusses the vulnerabilities of
the business or organization that
were exploited and how the
vulnerabilities were discovered
Shows progress toward
proficiency, but with errors or
omissions
Does not attempt critical
element
22
Exceeds proficiency in an
Clearly conveys meaning with
Shows progress toward
Submission has critical errors in
6
exceptionally clear, insightful,
sophisticated, or creative
manner
correct grammar, sentence
structure, and spelling,
demonstrating an understanding
of audience and purpose
proficiency, but with errors in
grammar, sentence structure,
and spelling, negatively
impacting readability
grammar, sentence structure,
and spelling, preventing
understanding of ideas
Uses citations for ideas requiring
attribution, with few or no minor
Uses citations for ideas requiring
attribution, with consistent
Uses citations for ideas requiring
attribution, with major errors
Does not use citations for ideas
requiring attribution
errors
minor errors
Security Breach:
Vulnerabilities
Articulation of Response
Citations and Attributions
Total:
6
100%
ISE 510 Final Project Scenario
Background
Limetree Inc. is a research and development firm that engages in multiple research projects with the
federal government and private corporations in the areas of healthcare, biotechnology, and other
cutting-edge industries. It has been experiencing major growth in recent years, but there is also a
concern that information security lapses are becoming rampant as the company grows. Limetree Inc. is
working to establish a strong reputation in the industry, and it views a robust information security
program as part of the means to achieving its goal. The company looks to monitor and remain
compliant to any regulation impacting its operations.
Limetree Inc. recently experienced a security breach; it believes confidential company data has been
stolen, including personal health information (PHI) used in a research study. Limetree Inc. believes
the breach may have occurred because of some security vulnerabilities within its system and
processes.
Limetree Inc.’s environment consists of open-space areas and workspaces for all employees. This
structure provides for collaboration and open seating to promote a healthy and collaborative work
environment. The workspace areas do not contain partitions or cubicles and are only separated by
glass. Each workspace contains a small locking cabinet for personal items and business materials.
Management and executive offices are located throughout the edges of the work area. The offices
contain glass doors and walls with privacy glass.
The rest of the environment is presented via an interview with the security manager, Jack Sterling.
Notes From Interview With Jack Sterling
The interview with Jack Sterling revealed the following about Limetree Inc.’s system and processes.
Hardware/Software
Desktop Apps: MS Edge, Firefox, Google Chrome, MS Office, Adobe Flash, Adobe Acrobat
Applications/Databases
•
•
•
Browser: Browser in use is MS Edge and browser security setting was set to low.
Browsers allow remote installation of applets, and there is no standard browser for
the environment.
Virus Software: McAfee is deployed locally on each user’s machine and users are mandated to
update their virus policy every month.
SQL Database: Ordinary users can escalate privilege via SQL Agent. Disk space for SQL database
log is small and is overwritten with new information when it is full. Limetree Inc. is not using
any encryption for sensitive data at rest within the SQL server environment.
Network
The network comprises the following: three web/applications servers, three email servers, five file
and printer servers, two proxy servers, seven remotely manageable Cisco switches, 250 desktops,
three firewall devices, one gateway (router) device to the internet, and three wireless access points.
Configuration Highlights
•
Wireless: Wireless network is available with clearly advertised SSID, and it is part of the local
area network (LAN). There is no segmentation or authentication between the wireless and
wired LAN. Visitors are provided access code to the wireless network at the front desk to use
•
•
•
•
•
the internet while they wait to be attended to.
Managed switches: There is no logging of network activities on any of the switches.
Web server: Public-facing web server is part of the LAN. This is where internet users get
needed information on the company. The web servers are running the following services in
addition: File & Print Services, Telnet, IIS.
Firewalls: Firewall configuration is very secure, and the logs are reviewed when there is
suspicion of a security event. The following files types are allowed for inbound connection: EXE,
DOC, XML, VBS. In addition, Telnet and FTP are allowed for inbound connection.
Passwords: Users determine the length of the password and complexity, but it is mandatory to
change password once a year.
Network configuration: Changes are determined by the IT manager and users are notified
immediately once the changes are implemented.
Documentation
•
•
•
There is no documented security policy, or computer use policy.
There is no documented process for changes to the system.
There is no contingency plan.
System Backup
•
Backup is conducted daily by the network administrator, and tapes are kept safely in the
computer room.
Personnel/Physical Security
•
•
•
•
While users are not trained in security awareness, emails go out every month from the system
administrator warning users of emerging threats.
Visitors sign in at the front desk before they are allowed to walk in to see employees at their
respective offices.
Remote employees connect via virtual private network. Their laptops are configured exactly as
the desktops in the office with unencrypted hard drives.
Often users are allowed to bring in their own laptops, connect to the corporate system, and
complete their tasks, especially if they are having issues with laptops provided by the company.
Incident Response
At Limetree Inc., systems administrators are notified of computer incidents, and the administrators
escalate to the IT manager, who reports incidents to the security manager if they are deemed relevant.
Currently, there is no official documented process of reporting incidents. There is also no previous
documented history of incidents, even though Limetree Inc. has experienced quite a few. Corrective
measures are taken immediately after an incident, though none of the measures was ever documented.
Images of LimeTree Inc.’s Environment
LimeTree Inc.’s environment looks similar to the image below:
(Source: Furniture Solutions for the Workplace)
The layout of the Limetree Inc. environment looks similar to the image below:
(Source: usedcubicles.com)
Purchase answer to see full
attachment
