1.3.5 Lab – Document Enterprise Cybersecurity Issues Answers

1.3.5 Lab – Document Enterprise Cybersecurity Issues

Objectives

  • Part 1: Record your assessment of Athena’s cybersecurity issues.
  • Part 2: Record the different types of assets owned by Athena.
  • Part 3: List the threats for each asset type.
  • Part 4: Recommend mitigation techniques to address each threat.

Note: This lab assumes you have basic knowledge of vulnerabilities, threats, and mitigation techniques.

Scenario

Athena Learning Incorporated is an educational service provider. Athena has two major lines of business: course content creation and online learning services. Athena creates learning content and hosts learning content. Athena also provides internet sales services that enable its partners to charge their students to attend their courses.

Athena employs about 100 people in its headquarters office, and about 5 people each in its London and Singapore offices. Because it provides content and delivery services globally, Athena must comply with diverse privacy and security standards.

Athena serves as custodian for its own content and content that belongs to its partners. That content includes text, graphic, video, and interactive assets. This content is the essential intellectual property of the company. It also manages student account information including student registration, authentication, records, and payment information. Athena manages its own SQL databases, some of which are connected to web portals.

The Athena network consists of mostly MS Windows and Apple iOS clients with a mix of Microsoft and Linux servers to store business and employee records, learning content assets, and financial information, including customer data. The hosts include various PC brands and models of varying age. Different versions of operating systems are in use. Athena uses cloud services to deliver courses to the public, but must house assembled courses on the internal network for creation and editing. When the courses become available, they are mirrored to the cloud. Employees are permitted to use their personal phones and tablets for work. In addition, some employees work from home, but require full network access to do so. Athena also hosts its own DNS, email, and intranet services.

Athena employees use common office application software, custom applications, and tools that have been created internally.

Athena provides access to parts of its internal network to its partners through a secure web portal. Clients are able to preview their course content and deliver course assets to Athena for assembly in the Athena learning management system. Students interact with the cloud-managed learning platform through their web account logins.

In this lab, you will apply your knowledge of cybersecurity threats and mitigation techniques to a corporate setting. You will read about a business, classify its assets, and then list the potential vulnerabilities and threats that the business faces. Finally, you will recommend threat mitigation measures for the threats that you identify.

Required Resources

  • Devices with internet access

Instructions

Part 1: Record your assessment of Athena’s cybersecurity issues.

Study the Scenario above about Athena Learning Incorporated. Focus on identifying the data, software, hardware, and network assets that need to be protected to ensure that the company is not impacted by the various types of threats that have been discussed in the course so far.

Use the tables below to record your answers.

Information/Data Assets

student personally identifiable information on servers
  Threats:
    • data theft of protected information
    • identity theft
  Mitigation:
    • encrypt stored data

student sales information
  Threats:
    • identity theft
    • theft of credit card information
  Mitigation:
    • encrypt stored data

learning content on course delivery website
  Threats:
    • unauthorized access
    • data theft
    • alteration of content
  Mitigation:
    • strong authentication
    • hardening of web application

customer assets during upload to Apollo
  Threats:
    • data tampering
    • data theft
  Mitigation:
    • VPN
    • hashing of assets

data and services required by work-at-home employees
  Threats:
    • data theft
    • data tampering
  Mitigation:
    • VPN


Software Assets

host operating systems
  Threats:
    • malware
    • phishing
    • malicious websites
    • security vulnerabilities
  Mitigation:
    • antivirus software
    • block access to known malicious sites
    • user security training
    • patching

office applications
  Threats:
    • exploits of unpatched vulnerabilities
    • various application attacks
  Mitigation:
    • patching
    • security policies regarding use of unauthorized software

SQL databases
  Threats:
    • data entry errors
    • XML or SQL injection
  Mitigation:
    • data input validation

web server software
  Threats:
    • vulnerable server software
    • cross-site scripting
  Mitigation:
    • patching

in-house applications
  Threats:
    • various application exploits
  Mitigation:
    • secure software development
    • strong input validation


Physical Assets

desktop PCs
  Threats:
    • power interruption
    • hard drive failure
    • other physical damage
  Mitigation:
    • control access to facilities
    • data backups
    • power protection
    • badge-based or biometric access control
    • user security training

laptop PCs
  Threats:
    • loss, theft, or damage
    • hard drive failure
    • other physical damage
  Mitigation:
    • antivirus
    • host-based firewall
    • regular data backups
    • drive encryption
    • physical access control

File servers
  Threats:
    • power interruption
    • hard drive failure
    • physical damage
  Mitigation:
    • power protection
    • automated backups
    • physically secure server room
    • redundant servers

Networking equipment
  Threats:
    • power interruption
    • physical damage
    • unauthorized administrative access
  Mitigation:
    • power protection
    • physically secure wiring closets and equipment locations

Network Assets

IP services (DNS, IMAP, DHCP)
  Threats:
    • DNS spoofing
    • address spoofing
  Mitigation:
    • next-generation firewalls capable of deep packet inspection

Connection to ISP
  Threats:
    • DoS, DDoS
  Mitigation:
    • block external ICMP packets with firewalls

wired LAN
  Threats:
    • man-in-the-middle
    • unauthorized access
  Mitigation:
    • detect unauthorized network scanning
    • strong passwords

wireless LAN
  Threats:
    • man-in-the-middle
    • unauthorized access
    • rogue access points
  Mitigation:
    • use strong authentication and encryption
    • access point placement
    • use tools to detect rogue access points
    • VPN for remote wireless users

Part 2: Record the different types of assets owned by Athena.

From the information in the Scenario, and your knowledge of business in general, fill in the first columns of each table with the relevant assets that are owned by Athena. You should have at least three entries in each table.

The different types of assets are defined as follows:

  • Information/Data Assets – any data that is used by the company, in any of the three states of data. This data could be Athena’s business data, Athena’s learning content, student sales and learning data, or partner data.
  • Software Assets – any software that is used by Athena, including commercial business applications, operating systems, server software, database software, and custom software.
  • Physical Assets – the physical devices, equipment, and other property that are used by Athena in the course of its business.
  • Network Assets – the types of networks and network connections that are hosted or used by Athena in the course of its business.

Part 3: List the threats for each asset type.

a. Review the information that you have learned in this pathway regarding vulnerabilities and threats.

What is the difference between a threat and a vulnerability?

Vulnerabilities are weaknesses or characteristics of an asset that can result in damage to or loss of those assets. Threats are the possible actions or events that exploit vulnerabilities. Threats can be posed by people or nature.

b. Complete the second column of the table with threats that could exploit vulnerabilities for each asset that you listed. There is usually more than one threat to each asset.

Part 4: Recommend mitigation techniques to address each threat.

Review the information that you have learned so far about ways to mitigate various cybersecurity threats. Complete the third column of the table with mitigation techniques that can be done to avoid or limit the damage caused by each potential threat.
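Parts 2 through 4 build one asset/threat/mitigation register. The script below is an added example, not part of the lab or its answer key; it loads a constructed subset of the lab's table rows into a small register and runs the two checks a reviewer would want before signing off: every threat has at least one mitigation, and which mitigations are shared across assets (the point raised in Reflection question 2). One row, for the personal phones and tablets the scenario allows employees to use, is deliberately constructed with no mitigation so the gap check has something to report; the row wording, the `AssetRow` type and all function names are this example's own.

```python
from collections import Counter
from dataclasses import dataclass


@dataclass(frozen=True)
class AssetRow:
    """One row of a lab table: an asset, the threats against it and the mitigations chosen."""
    category: str              # Information/Data, Software, Physical or Network
    asset: str
    threats: tuple[str, ...]
    mitigations: tuple[str, ...]


# Constructed subset of the lab's answer tables (wording kept as in the lab).
REGISTER = (
    AssetRow("Information/Data", "student personally identifiable information on servers",
             ("data theft of protected information", "identity theft"),
             ("encrypt stored data",)),
    AssetRow("Information/Data", "student sales information",
             ("identity theft", "theft of credit card information"),
             ("encrypt stored data",)),
    AssetRow("Information/Data", "customer assets during upload to Apollo",
             ("data tampering", "data theft"),
             ("VPN", "hashing of assets")),
    AssetRow("Information/Data", "data and services required by work-at-home employees",
             ("data theft", "data tampering"),
             ("VPN",)),
    AssetRow("Software", "host operating systems",
             ("malware", "phishing", "malicious websites", "security vulnerabilities"),
             ("antivirus software", "block access to known malicious sites",
              "user security training", "patching")),
    AssetRow("Software", "web server software",
             ("vulnerable server software", "cross-site scripting"),
             ("patching",)),
    # Constructed row: the scenario permits personal phones and tablets for work,
    # but the lab tables have no entry for them. Left without mitigations on
    # purpose so the gap check below reports it.
    AssetRow("Physical", "employee personal phones and tablets (constructed row)",
             ("loss or theft of device",),
             ()),
)


def find_gaps(register):
    """Assets that list threats but no mitigation at all."""
    return [row.asset for row in register if row.threats and not row.mitigations]


def mitigation_coverage(register):
    """Map each mitigation to the sorted list of assets it protects."""
    coverage = {}
    for row in register:
        for mitigation in row.mitigations:
            coverage.setdefault(mitigation, set()).add(row.asset)
    return {m: sorted(assets) for m, assets in coverage.items()}


def shared_mitigations(register, min_assets=2):
    """Mitigations covering at least `min_assets` assets, most widely shared first."""
    shared = [(m, assets) for m, assets in mitigation_coverage(register).items()
              if len(assets) >= min_assets]
    return sorted(shared, key=lambda item: (-len(item[1]), item[0]))


def threat_frequency(register):
    """How often each threat appears across rows (recurring threats first)."""
    return Counter(threat for row in register for threat in row.threats)


def report(register):
    """Plain-text summary of the register checks."""
    lines = ["Assets with threats but no mitigation: " + (", ".join(find_gaps(register)) or "none"),
             "Mitigations shared across assets:"]
    for mitigation, assets in shared_mitigations(register):
        lines.append(f"  {mitigation}: {len(assets)} assets ({'; '.join(assets)})")
    lines.append("Most frequent threats:")
    for threat, count in threat_frequency(register).most_common(3):
        lines.append(f"  {threat}: {count}")
    return "\n".join(lines)


if __name__ == "__main__":
    print(report(REGISTER))
```

Running the script lists the constructed BYOD row as the only gap and shows that "encrypt stored data", "VPN" and "patching" each cover two of the rows loaded, which is the reuse Reflection question 2 asks you to notice. Adding the rest of the lab's rows to `REGISTER` extends the same checks to the full table.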

Reflection

1. Why is it useful to categorize assets when identifying threats and mitigation techniques?

Classifying assets by type helps to organize thinking around what threats may exist. Otherwise, there are so many assets that it is difficult to get started with the analysis.

2. Do some threats have the same or similar mitigation measures? Why is it important to note this?

Yes, some threats can be mitigated using the same means. For example, a system of updating host and server software can help to mitigate threats to customer and company data. VPNs can encrypt data uploaded to Athena’s servers by customers and can also protect assets sent to the cloud. Knowing this helps guide the choice and implementation of threat mitigation solutions.

3. What have you learned about the application of knowledge of cybersecurity threats and mitigation techniques to the context of a simulated organization?

Answers will vary. It should be apparent that a comprehensive cybersecurity program requires many different types of measures that work together to protect an organization’s diverse assets. There is no single solution to protecting assets from the wide range of threats that exist in the world today.
