In a perfect world, no bad thing would ever happen at your home or business.

In a perfect world, no bad thing would ever happen at your home or business. Assessing a company for risk would be straight-forward, easy, and occur without any incident as it happened in isolation; the world (and hackers) would stop while you were completing your work. Unfortunately, that is not reality. An important element of risk assessment is understanding the ramifications of that risk if the worst case occurs—a threat exploits a vulnerability, allowing access to the system and network by a hacker.

To help us understand what can happen if we do not properly assess risk and put minimization or elimination strategies in place, you are tasked with responding to an incident. Usually this is done by a separate team, but to provide this necessary experience, pretend you are on loan to Limetree’s incident response team. This is a cross-organizational team that includes databased administrators and key personnel from the IT department, human resources, operations, and the accounts team (accounts receivable [money owed to Limetree], accounts payable [money Limetree owes to vendors], and payroll [money Limetree owes employees and taxation authorities]). Your job is to serve as an equal team member and respond if an incident occurs while you are working for Limetree.

Specifically, the following critical elements must be addressed:

Summarize the actions that should be taken to minimize the risk of the breach.

Discuss the precautions that should be taken to prevent a recurrence of this incident.

Recommend to management a process to limit the risk of this type of hack occurring in the future.

Incident Response Plan

While you are conducting a risk assessment for Limetree, an incident occurs. A hacker attempts to gain access to the customer database on a server located at the Limetree facility. Because of your knowledge, you are assigned to the incident response team. Any breach is important and serious, and while the hacker attempted to gain access, it is believed their attempt was unsuccessful. The specific details of the incident are included below.

At 3:08 a.m. Eastern Time, the account for Melize Dongan was successfully accessed and used to navigate the network. Melize Dongan is on vacation on a cruise and can’t be reached, so it is assumed it was not her attempting to access the system.

The hacker ran some simple commands from that account to determine the layout of the network and was able to determine the existence of the several servers on the network.

The attempt to access the server with the customer database failed because the network did not use a single sign-on and the hacker did not know the specific password for that database. When the username/password attempts were exhausted, a system warning went off in the operations center. Analysts identified the issue and locked the account, disabling the connection of the hacker with the network.

Collepals.com Plagiarism Free Papers

Are you looking for custom essay writing service or even dissertation writing services? Just request for our write my paper service, and we'll match you with the best essay writer in your subject! With an exceptional team of professional academic experts in a wide range of subjects, we can guarantee you an unrivaled quality of custom-written papers.

Get ZERO PLAGIARISM, HUMAN WRITTEN ESSAYS

Why Hire Collepals.com writers to do your paper?

Quality- We are experienced and have access to ample research materials.

We write plagiarism Free Content

Confidential- We never share or sell your personal information to third parties.

Support-Chat with us today! We are always waiting to answer all your questions.