Information System Vulnerabilities and Risks

CSEC662 Final Exam
Information System Vulnerabilities and Risk
Name
Course
Date
1) Response to computer network intrusion
First steps after confirming the attack
Responses to intrusions are taken into consideration when improving management of the security of network and communications. The general approach is first addressing issues with the system detection and then response. Analysis and detection helps to evaluate the extent of the problem, while identifying the concerns and classifying them is then prioritized, decision making is reflected in the response and followed by thorough evaluation of the intrusion (Anwar et al., 2017). Analysis of the huge traffic volume of network activities and other network anomalies helps to determine the nature of the attacks. Further analysis follows a detailed study of the characteristics of the attack, source of attack and the features that increases risk of attack.
Another important thing is port scanning is one of the most popular techniques used by attackers to discover the services exposed to possible attacks. Computers that are connected to a local area network (LAN) or Internet run services have ports that maybe at a risk. A port scan help the attacker find which ports are available. A port scan consists of sending a message to each port and the types of response received helped to evaluate whether the ports are secure and the types of weakness. Undertaking port scanning at the organization will help to identify the port based on the level of vulnerability.
Those involved in the response
The key personnel that will participate in the response include the project manager, system administrator, and the IT support staff. Contact details of the personnel involved in the response will be listed and it is important to correctly identify the methods and contact persons in case of other serious incidents, if there are outsoaring, services. Since there is follow-up and delivery of results all involved will be informed about the results of the incident response.
Compensating for your team’s inexperience
One of the main aims of involving the inexperienced staff in the response is that they learn the procedures and methodologies usually used in network intrusion. The team members will be directly involved in response testing, learning how certain intrusion tests are conducted. This helps to provide an independent evaluation of the system risk, without ignoring the need to classify and prioritize the risk in the company (Fidler, 2017). Since the staff will be involved in identifying flaws in the network, there is training and leaning on the job. Besides responding to threats, there is verification of security in the system in the presence of experienced staff.
Type of resources necessary
Exercises to simulate intrusion will keep the team members knowledgeable about some of the attacks, and the personnel are first informed about what to expect and how to detect the intrusions. Prevention, protection and response to the threats require that they become familiar with various tools used to detect network intrusion (Anwar et al., 2017). When such software tools are available, many of the incident response team members can interpret the results after ...