Academic Integrity: tutoring, explanations, and feedback — we don’t complete graded work or submit on a student’s behalf.

Your initial design was good, but the team leader wants you to try another appro

ID: 3709200 • Letter: Y

Question

Your initial design was good, but the team leader wants you to try another approach. She put these questions to you: "Should corrective maintenance get a higher priority than other types of maintenance? Why or why not? Should cost-benefit issues be considered? If so, how would this be done?" Also, your security plan was good, but did not go far enough. The team leader wants you to include at least five more types of attacks, with examples and suggested responses.

Task 1. Revise the simulated attack plan by including five more types of attacks, with examples and suggested responses.
Task 2. Consider the team leader’s questions carefully. When you reply, include a revised grid design as needed.

Explanation / Answer

Should corrective maintenance get a higher priority than other types of maintenance?

Corrective maintenance is carried out after detection of an inconsistency and goal is to reestablishing normal working conditions. This approach depends on the firm conviction that the costs maintained for downtime and repair if there should arise an occurrence of blame are lower than the speculation required for a continuous maintenance program.
If the system is stable and continuously working, then Yes Corrective maintenance gets a higher priority, as it targets particularly on the problem and thus provides a rapid solution
Corrective maintenance is also cost-effective, thus making it favorable amongst all main Maintenance strategies

5 more Type of attacks

1 Malware

“Malware” refers to any kind of harmful software, such as viruses and ransomware. Once malware is in installed in computer, it can create all sorts of havoc, from taking control of your machine, to monitoring your actions and keystrokes, to silently sending all sorts of confidential data from your computer or network to the attacker's home base.

Attackers will use a variety of methods to get malware into your computer, but at some stage it often requires the user to take an action to install the malware. This can include clicking a link to download a file, or opening an attachment that may look harmless (like a Word document or PDF attachment), but actually has a malware installer hidden within.

2 Phishing

In a phishing attack, an attacker may send you an email that appears to be from someone you trust, like your boss or a company you do business with. The email will seem legitimate, and it will have some urgency to it (e.g. fraudulent activity has been detected on your account). In the email, there will be an attachment to open or a link to click. Upon opening the malicious attachment, you’ll thereby install malware in your computer. If you click the link, it may send you to a legitimate-looking website that asks for you to log in to access an important file—except the website is actually a trap used to capture your credentials when you try to log in.

In order to combat phishing attempts, understanding the importance of verifying email senders and attachments/links is essential.

3 SQL Injection Attack

SQL stands for structured query language; it’s a programming language used to communicate with databases. Many of the servers that store critical data for websites and services use SQL to manage the data in their databases. A SQL injection attack specifically targets this kind of server, using malicious code to get the server to divulge information it normally wouldn’t. This is especially problematic if the server stores private customer information from the website, such as credit card numbers, usernames and passwords (credentials), or other personally identifiable information, which are tempting and lucrative targets for an attacker.

An SQL injection attack works by exploiting any one of the known SQL vulnerabilities that allow the SQL server to run malicious code. For example, if a SQL server is vulnerable to an injection attack, it may be possible for an attacker to go to a website's search box and type in code that would force the site's SQL server to dump all of its stored usernames and passwords for the site.

4 Cross-Site Scripting (XSS)

In an SQL injection attack, an attacker goes after a vulnerable website to target its stored data, such as user credentials or sensitive financial data. But if the attacker would rather directly target a website's users, they may opt for a cross-site scripting attack. Similar to an SQL injection attack, this attack also involves injecting malicious code into a website, but in this case the website itself is not being attacked. Instead, the malicious code the attacker has injected only runs in the user's browser when they visit the attacked website, and it goes after the visitor directly, not the website.

One of the most common ways an attacker can deploy a cross-site scripting attack is by injecting malicious code into a comment or a script that could automatically run. For example, they could embed a link to a malicious JavaScript in a comment on a blog.

Cross-site scripting attacks can significantly damage a website’s reputation by placing the users' information at risk without any indication that anything malicious even occurred. Any sensitive information a user sends to the site—such as their credentials, credit card information, or other private data—can be hijacked via cross-site scripting without the website owners realizing there was even a problem in the first place.

5 Denial-of-Service (DoS)
During a denial-of-service (DoS) attack. Attacker flood a website with more traffic than it was built to handle, thus overloading the website's server and it'll be highly-impossible for the website to serve up its content to visitors who are trying to access it.

This can happen for innocuous reasons of course, say if a massive news story breaks and a newspaper's website gets overloaded with traffic from people trying to find out more. But often, this kind of traffic overload is malicious, as an attacker floods a website with an overwhelming amount of traffic to essentially shut it down for all users.

In some instances, these DoS attacks are performed by many computers at the same time. This scenario of attack is known as a Distributed Denial-of-Service Attack (DDoS). This type of attack can be even more difficult to overcome due to the attacker appearing from many different IP addresses around the world simultaneously, making determining the source of the attack even more difficult for network administrators.

Related Questions

Your group is working to model motion of Triton (one of Neptune\'s 13 moons) aro
Question #1879736
Your group needs to provide a basic background for the organization and its netw
Question #3814919
Your group of researchers has been assigned the task of cloning a newly discover
Question #278405
Your group of researchers has been assigned the task of cloning a newly discover
Question #278686
Your group of rural cabin owners is considering a small renewable energy project
Question #1168342
Your group project will be to implement a shopping cart class with user interfac
Question #3556823
Your group works as legislative counsel to Representative Henrietta HolyCow. She
Question #355011
Your group works as legislative counsel to Representative Henrietta HolyCow. She
Question #355549

Navigate

Previous
Your implementation has to use a linked list to store the data you read from the
Next
Your initial post should contain a minimum of 350 words written in complete sent

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.