What incidentlevel would this situation be classified as?
Darren is the network administrator for Greyson & Associates, a large law firm in Houston. Darren is responsible for all network functions as well as any digital forensics work that is needed. Darren is examining the firewall logs onemorning and notices some unusual activity. He traces the activity target to one of the firm�s internal file servers and finds that many documents on that server were destroyed. After performing some calculations, Darren finds the damageto be around $75,000 worth of lost data. Darren decides that this incident should be handled and resolved within the same day of its discovery. What incidentlevel would this situation be classified as?
Why is using passwords to protect PDF documents not enough to safeguard against information leakage?
Heather is the network administrator for her company, a small medical billing company in Billings. Since the company handles personal information for thousands of clients, they must comply with HIPAA rules and regulations. Heather downloads all the HIPAA requirements for information security and begins an audit of the company. Heather finds out that many of the billing technicians have beensending sensitive information in PDF documents to outside companies. To protec
t this information, they have been password protecting the PDF documents. Heather has informed all the technicians that this method of protecting the data is not safe enough. Why is using passwords to protect PDF documents not enough to safeguard against information leakage?
What are the alternatives to defending against possible brute-force password attacks on his site?
Samuel is the network administrator of DataX Communications, Inc. He is trying to configure his firewall to block password brute force attempts on his network. He enables blocking the intruder’s IP address for a period of 24 hours time after more than three unsuccessful attempts. He is confident that this rule will secure his network from hackers on the Internet.
But he still receives hundreds of thousands brute-force attempts generated from various IP addresses around the world. After some investigation he realizes that the intruders are using a proxy somewhere else on the Internet which has been scripted to enable the random usage of various proxies on each request so as not to get caught by the firewall rule.
Later he adds another rule to his firewall and enables small sleep on the password attempt so that if the password is incorrect, it would take 45 seconds to return to the user to begin another attempt. Since an intruder may use multiple machines to brute force the password, he also throttles the number of connections that will be prepared to accept from a particular IP address.
This action will slow the intruder’s attempts.
Samuel wants to completely block hackers brute force attempts on his network.
What are the alternatives to defending against possible brute-force password attacks on his site?
Why was John not able to connect?
John is the network administrator for Frederickson Machinery in Tampa, Florida. Frederickson Machinery has one large office, and a number of smaller offices spread out around the city. John’s primary responsibility is to oversee the network equipment hat includes switches, routers, gateways and firewalls. John is the only employee allowed to make any changes or troubleshoot the network equipment so he has to run to any of the offices himself whenever there are any network issues. John is becoming more and more busy, so he wants to be able to remotely manage the network equipment as much as possible. He does not want to use telnet because of its inherent security flaws, so he decides to use SSH. John downloads a program from the Internet for SSH connections and attempts to connect to one of his routers at another office. After a short time, the following screen pops up on his computer:
Why was John not able to connect?
What should Richard use to utilize email encryption agency-wide?
Richard is a network administrator working at a student loan company in Iowa. This company processes over 20,000 student loans a year from colleges all over the state. Most communication between the company, schools, and lenders is carried out through email. Because of privacy laws that are in the process of being implemented, Richard wants to get ahead of the game and become compliant before any sort of auditing occurs. Much of the email communication used at his company contains sensitive information such as social security numbers. For this reason, Richard wants to utilize email encryption agency-wide. The only problem for Richard is that his department only has a couple of servers, and they are utilized to their full capacity. Since a server- based PKI is not an option for him, he is looking for a low/no cost solution to encrypt email.
What should Richard use?