Cyber Kill Chain

Hw 5

Refer to the Wall Street Journal article (the article has been attached).

  1. Describe how the phases of the Cyber Kill Chain were used in the attack.

  1. For each of the following terms, define each term and analyze the case study in order to determine the:
  • Vulnerabilities
  • Threats
  • Exploits
  • Attackers
  1. Draw conclusions and reflect on the case study using each of the cybersecurity concepts
  • Adversarial thinking
  • Confidentiality, Integrity, Availability, CIA – In terms of the Energy infrastructure, which is the most important?
  • Defense in Depth
  • Keep it Simple
  1. Given 16 critical infrastructure systems, why is the Energy Sector “uniquely critical”?
  2. For each of the following terms, define it and find examples in the case study.
  • PII, PHI
  • Black Hat Hacker, White Hat Hacker, Grey Hat Hacker
  • Ethical Hacker, Hacktivist, Nation State Hacker
  • Insider Threat
  • Advanced Persistent Threat (APT)
  • Botnet
  • Rootkit
  • Backdoor
  • Keylogger
  • Drive-by Downloads
  • Virus
  • Worm
  • Spyware
  • Logic Bomb
  • Trojan Horse
  • Ransomware
  • Denial of Service (DoS)
  • Distributed Denial of Service (DDoS)
  • Man in the Middle (MitM)
  • SYN Flood Attacks
  • Network Sniffing
  1. Social engineering:
  • Phishing
  • Spear Phishing
  • Vishing
  • Smishing
  • Whaling
  • Pretexting
  • Pharming
  • Spoofing
  • Watering Hole attack
  • Credential Harvesting

  1. Why is Software security so important?
  • SDLC
  • Testing
  • Static analysis
  • Buffer Overflow
  • Cross-site Scripting (XSS)
  • SQL Injection
  • XML injection
  • ActiveX
  • Java Applet and JavaScript
  1. Identify the Risk Management Process and be able to implement it
  2. What are the three A’s of digital forensics? What is PDCAERF in digital forensics?
  • Plaintext
  • Ciphertext
  • Caesar cipher encryption and decryption
  • Vigenere cipher
  • DES, AES
  • PKI
  • Steganography
  • Hash functions
  • HTTP, HTTPS
  • IPSec
  1. Access Control
    1. Principle of Least privilege
    2. Need to Know
    3. Separation of Duties
  2. Authentication Methods
    1. Multi-factor authentication
    2. Biometrics, passwords, smart cards
    3. (i) something you know (e.g., password/PIN);
    4. (ii) something you have (e.g., cryptographic identification device, token); or
    5. (iii) something you are (e.g., biometric).
    6. Password attacks
  3. Networking
  • TCP/IP Protocol
  • Ping
  • DoS attack, SYN flood, DDoS
  • Bots, Botnets
  • Link Encryption vs. End-to-End Encryption
  • IPSec
  • VPN
  • Firewalls
  • IDS
  1. Legal, Ethical Hacking types, pentesting
  • The Fourth Amendment
  • Title 18, Section 1030: The Computer Fraud and Abuse Act (CFAA)
  • Title 18, Sections 2510-2522: The Electronic Communications Privacy Act
  1. Cyberwar
  • Adversaries

APT
