Business Case 1 1 : One of the local university s Student records databases was hacked. A
Fantastic news! We've Found the answer you've been seeking!
Question:
Business Case 1: One of the local universitys Student records databases was hacked. A graduate student in the computer engineering department decided to show his skills to his friends to impress them. The student successfully enters the system by calling the help desk and pretending to be the new director of the student records department. During the phone call, I could not remember the password and do not want to call my supervisor. Would please do me a favor and remind me of my password?. The IT Help desk person believed him and gave the password without following the University Security policy. Then the student simply logs in to the database and updated the final grade exam of one of his friends who was failing the class.
Business Case 2: Hospital Patient Database: A hospital patients allergy information (a doctor should be able to trust that the info is correct and current) was altered without authorization. A nurse before leaving the hospital deliberately falsifies the patients allergy data in the database to inflict damage to Hospitals reputation. That happened on the last day of her employment at the Hospital. Some doctors gave the wrong medication to the patients who later suffered from a complication of allergies and medications. This widespread incident was on the local news as well. Then, the nurse was hired by a new (competitor local hospital) the following week.
For each case answer the following questions
Question 1: What was the reason for this successful attack? What was the vulnerability (Flaw or weakness that allows a threat agent to bypass security)?
Question 2: Attack surfaces type?
Question 3: Who are the threat actors?
Question 4: What can be done to defend against this particular attack (So, it will not happen again)?
Related Book For
Income Tax Fundamentals 2013
ISBN: 9781285586618
31st Edition
Authors: Gerald E. Whittenburg, Martha Altus Buller, Steven L Gill
Posted Date: