MET CS695 Assignment 1

Question 1.1 (100 points): Which of the 10 CBK areas apply to what was described in the 21st Century tale, and how were aspects of each area either not considered or ignored by the different affected organizations?

Access control systems and methodology – Carol's story is very relevant to access control because both data and voice, hosted on the same servers, were allowed to be affected.

Applications and systems development security – The applications were definitely the source of the exploit: it was possible to tap into the system through a VoIP connection using User Agent (UA) software that, over a period of two weeks, was replaced by the same software with exploits written into its code.

Business continuity planning and disaster recovery planning – About five hours of downtime came from not having the proper systems in place to eliminate the ARP storms; the individual routers had to be used to combat all the attacks.

Cryptography – This could have been used to ensure that the UA software in use was the genuine one, simply by using hashing for authentication. In the two weeks it took them to exchange the real software for the fake, some type of alarm should have gone off because of the program mismatch.
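
The hash check described under Cryptography, as an added example that is not part of the original assignment: a baseline of SHA-256 digests is recorded for the known-good UA install, and a later audit reports any file that was changed, removed or added. The file names and contents are constructed for illustration, and the baseline is assumed to be stored where someone who can replace the software cannot also rewrite it.

```python
import hashlib
import tempfile
from pathlib import Path

def sha256_file(path: Path) -> str:
    """Stream the file so large binaries are not read into memory at once."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def build_baseline(install_dir: Path) -> dict:
    """Record a digest for every file of the known-good UA install."""
    return {p.relative_to(install_dir).as_posix(): sha256_file(p)
            for p in sorted(install_dir.rglob("*")) if p.is_file()}

def audit(install_dir: Path, baseline: dict) -> list:
    """Compare the current install with the baseline; each finding is an alarm."""
    current = build_baseline(install_dir)
    findings = []
    for name, digest in baseline.items():
        if name not in current:
            findings.append(("MISSING", name))
        elif current[name] != digest:
            findings.append(("MODIFIED", name))
    findings += [("UNEXPECTED", n) for n in current if n not in baseline]
    return sorted(findings)

def demo() -> list:
    """Constructed scenario: one UA file is swapped and one extra file appears."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "ua_client.bin").write_bytes(b"genuine UA build")   # constructed
        (root / "ua_codec.lib").write_bytes(b"genuine codec")       # constructed
        baseline = build_baseline(root)     # taken at deployment, kept off-host
        assert audit(root, baseline) == []  # untouched install raises nothing
        (root / "ua_client.bin").write_bytes(b"replaced UA build")  # same name
        (root / "helper.bin").write_bytes(b"extra file")
        return audit(root, baseline)

if __name__ == "__main__":
    for kind, name in demo():
        print(f"ALERT {kind}: {name}")
```

Run on a schedule, an audit like this would flag the swapped software at the first run after the replacement rather than after two weeks.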