Question: 1 . Develop and draw an attack tree starting with gaining access to a finance user s computer and their related Active Directory account. Make

1 .

Develop and draw an attack tree starting with gaining access to a finance user

s computer and their related Active Directory account. Make sure you capture what you can possibly do with the account immediately, as well as how you can use it to get even more access within the company in the long run. Describe how the attacks are linked. Document any assumptions you may have, if any, that would justify your reasoning.

2 .

Based on the created attack tree, are there any specific control you might recommend to reduce the threat or eliminate the attack vector? Broadly speaking, how can you determine whether a control should be implemented to protect a vulnerability? What are the criteria for making such a decision, from a business point of view? As one of the options in risk treatment is to stop doing the activity that creates the risk, how would you justify that suggestion?

Step by Step Solution

There are 3 Steps involved in it

1 Expert Approved Answer

Step: 1 Unlock blur-text-image

Question Has Been Solved by an Expert!

Get step-by-step solutions from verified subject matter experts

Step: 2 Unlock

Step: 3 Unlock

Students Have Also Explored These Related Databases Questions!

Contents The Team..3 Group Contact Information.3 Mission Statement3 Foundation and Group Communications Plan.3 Group Communications Methods.4 Group Goals.5 Group Development and Norms.6 Developing...

How does the article Fixing Facebook: Fake news, privacy, and platform governance relate to the ted talk video what obligations do social media platforms have to the greater good? Ted talk video...

Question 1 Criticallyanalyzethe statement petroleum industry is also highly capital-intensive, so strong returns are critical to attracting low-cost debt and equity capital. In fact, while many of...

Planning is one of the most important management functions in any business. A front office managers first step in planning should involve determine the departments goals. Planning also includes...

Module 9 Assignment: TOC Answer all the questions and submit your answer report to Module 9 Assignment in Dropbox by the deadline . The report should be typed, single spaced, in one MS Word file. You...

I have to create a program in C and I can't figure it out. The program has to read a source file. Please help. /******************************************************************** PROJECT: Glossary...

Hi, I'm having an issue with this Simnet project and I was wondering if anyone could help me. There is only one issue: Step 3a, in the instruction pdf that I have attached. When my project is graded...

CERTIFICATE IV IN FINANCE AND MORTGAGE BROKING - FN540820 Page 1 UNIT 9 MANAGE PERSONAL AND PROFESSIONAL DEVELOPMENT Unit Code: BSBPEF501 This unit describes the skills and knowledge required to...

Agents are in Realtor group and bossman is in management group. The 2008 Server (Server1) has 4 shared folders (agent share, management share, sales share, and admin share) Each folder allows the...

MKT500 Week 8 Discussion Board 8 attached are the questions, scenario, and supportive reading materials. MKT500 DB 8 "The Importance of Social Media and Web Analytics" 1.) From the scenario,...

At May 31, 2022, Crane Inc. has $4000 in beginning raw materials, $5500 of direct labour. If manufacturing overhead was $10000, total manufacturing costs was $50000, and total raw material purchases...

What does the sign (positive/negative) of the income elasticity tell us about a good?

Find the magnitude of the linear momentum for the following cases. ( Enter your answers in kg m / s . ) ( a ) a proton with mass 1 . 6 7 1 0 2 7 kg , moving with a speed of 5 . 5 0 1 0 6 m / s kg m /...

P-1) (100 Pts.) A chemical manufacturing company (CMC) has a contract for the procurement of the neccssaly chemicals from four suppliers. The chemicals purchased from Supplier A are priced at $20...

Write a proposal using all 18 proposal elements discussed in this chapter.The subject of your proposal can be (a) permitting employees to bring pets to work, (b) instituting job sharing in...

Teamwork. Refer to Application Exercise 2. As directed by your instructor,work with your group to prepare a proposal that responds to an RFP created by another group in your class. (Objectives 1 and...

Technology. Write (or e-mail) three businesses and request copies of their policy on accruing and awarding vacation leave time. Summarize your findings in a memo to your instructor. Describe the...