Question

Fullsoft, Inc. is a software development company based in New York City. Fullsoft’s software product development code is kept confidential in an effort to safeguard the company’s competitive advantage in the marketplace. Fullsoft recently experienced a malware attack; as a result, proprietary information seems to have been leaked. The company is now in the process of recovering from this breach.
You are a security professional who reports into Fullsoft’s infrastructure operations team. The Chief Technology Officer asks you and your colleagues to participate in a team meeting to discuss the incident and its potential impact on the company.
Tasks
Prepare for the meeting by deliberating on the following questions:
• How would you assess the risks, threats, and/or vulnerabilities that may have allowed this
incident to occur, or could allow a similar incident to occur in the future?
• What insights about risks, threats, and/or vulnerabilities can you glean from reports of similar
incidents that have occurred in other organizations?
• What potential outcomes should the company anticipate as a result of the malware attack and
possible exposure of intellectual property?
• Which countermeasures would you recommend the company implement to detect current
vulnerabilities, respond to the effects of this and other successful attacks, and prevent future
incidents?

Answer 1

Answer:

Explanation is given below

Explanation:

A set of instructions runs on a system to do some actions that an attacker wants to do without the owners informed consent. It may be in the form of a virus, Backdoor, Trojan Horse, Rootkit, Scareware, Adware, and Worm.

1. This incident may occur due to:

sharing the file folders using USB's

propagation of e-mails

fake ant viruses

fake codec

through your browser

visiting infected web sites

installing infected software's and so on.

2. The worst that could occur with this incident are:

keylogger: software that can capture and record user keystrokes

backdoor: hidden method for bypassing normal computer authentication systems

zombie: computer attached to the Internet that has been compromised

denial-of-service attack (DoS attack): attempt to make a computer resource unavailable

3.

It steals the personal information such as email addresses, phone numbers, bank account numbers and so on.

It deletes or modifies the files.

Steals the software serial numbers and use our computers as relay.

4.

Usage of up-to-date antivirus which continuously analyze the behavior of your system.

Build a perfect malware detector

analyze program behavior

detect changes by using checksum methods

do the sandbox analysis.

change your passwords as you change your underwear.

Do not open unexpected e-mail attachments

Be wary of pop-up windows that ask you to install something (like anti-virus software) if you are just surfing the web.

Keep your system up-to-date. Newer systems automatically update.

firewall: software which inspects network traffic passing through it, and denies or permits passage based on a set of rules.

5. Outline of key points:

Circumstances related to Malware.

Insights about risks, threats, and/or vulnerabilities

Potential outcomes and possible exposure of intellectual property

countermeasures to detect vulnerabilities