Academic Integrity: tutoring, explanations, and feedback — we don’t complete graded work or submit on a student’s behalf.

1.7 Consider a company whose operations are housed in two buildings on the same

ID: 3883284 • Letter: 1

Question

1.7      Consider a company whose operations are housed in two buildings on the same property, one building is headquarters, the other building contains network and computer services. The property is physically protected by a fence around the perimeter. The only entrance to the property is through the fenced perimeter. In addition to the perimeter fence, physical security consists of a guarded front gate. The local networks are split between the Headquarters’ LAN and the Network Services’ LAN. Internet users connect to the Web server through a firewall. Dial-up users get access to a particular server on the Network Services’ LAN.

Develop an attack tree in which the root node represents disclosure of proprietary secrets. Include physical, social engineering, and technical attacks. The tree may contain both AND and OR nodes. Develop a tree that has at least 15 leaf nodes.

Explanation / Answer

The tree is as follows:

Compromise on survivability: Disclosure of the proprietary secrets of the company X.

OR 1. Physically scavenge discard the items from X.

            OR       1. Inspect the contents of the site which is under the category of dumpster

                        2. After removal from the site, inspect refuse

        2. From the X machines, monitor the emanations

            AND    1.To identify the position which is optimal, do the survey of the physical perimeter

                        2. Get the equipment which are necessary to monitor

                        3. Setup the site which is the site of monitoring

                        4. Monitor the emanation from the site

       3. Recruitment of the helpful and trusted X insider

            OR       1. For the trusted insider, plant the spy

                        2. Use the insiders which are trusted and already exist

       4. Accessing the machines and the networks of the company X physically

            OR       1. For the accessibility on-site to the Intranet, get physical

                        2. Get the access of the machines physically

       5. With the help of the internet connection, attack the Intranet of the company X

            OR       1. To get the information of the leakage, monitor the communications

2. Over the internet, get the process which is trustworthy to send the information   

    which is sensitive.

3. For the web servers, get the privilege access

       6. With the PIN and the connection of X itself, attack the intranet of X

OR       1. For obtain the information about the leaking of the sensitive information, monitor

    the communication over the public telephone network

2. Get the access of the machines on the connected Intranet with the help of the  

    internet.

Related Questions

1.5) According to these web pages: https://www.nps.gov/goga/learn/education/cher
Question #112455
1.5-6. A life insurance company issues standard, pre- ferred, and ultrapreferred
Question #3355586
1.5-V battery stores 5.0 kJ of energy. How long can it light a flashlight bulb t
Question #2004619
1.5. Circle The oxidation state of the carbon atom in the molecule chloroform (C
Question #590736
1.5. One issue related to execution of a guest supervisor environment within a h
Question #663492
1.5. Suppose that buyer 9 (with a buyer value of $11) and seller 9 (with a selle
Question #1208143
1.5. The terminal velocity t, attained by a aphorical particle of radius r, and
Question #718192
1.5.27 Question Help During every election in a particular region, polisters con
Question #3040247

Navigate

Previous
1.7 Computer software and hardware layers along with user are sequenced as a) Us
Next
1.7 Drawing Organic Structures Problem 1.19 Determine the geometry around all se

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.