Question: Question 1 Explain the pros and cons of static data masking. Question 2 Specify at least four major security problems associated with the Cloud Infrastructure-as-a-Service.

Question 1

Explain the pros and cons of static data masking.

Question 2

Specify at least four major security problems associated with the Cloud Infrastructure-as-a-Service.

Question 3

SQL injection is a common type of attacks to database servers. In 2014, a university in the United

States became a victim of such an SQL injection attack against one of its servers which stored

personal information about students and staff. The attack exploited a vulnerability in the outdated

database server software to steal personal details of about 900 students and staff. The attacker then

contacted the university officials, detailing the breach and making extortion threat. As the university

refused to hand over the credentials, the attacker posted the stolen information on a public website.

Which security goal (Availability/Integrity/Confidentiality) was compromised by this SQL injection

attack? Explain your reasoning.

Suggest three (3) necessary actions that should have been taken by the affected organisation to

prevent such an attack from happening and causing damage. For each action, briefly explain

how it helps.

Question 4

Ransomware attacks are a major data security concern nowadays. In 2016, a ransomware attack

known as Petya targeted at computers running certain vulnerable Windows operating systems. In

this attack, the victim received an email purporting a job application. It directed the victim to a zip

file containing a malicious program which appeared to the victim as a PDF document. Once the

victim allowed this malicious program to be executed at the administrator privilege, the ransomware

encrypted the master file table and this effectively removed all mappings to actual files on the hard

disk. The ransomware then demanded payment from the victim.

Which security goal (Availability/Integrity/Confidentiality) was compromised in this case? Explain

your reasoning.

Suggest three (3) necessary actions that should have been taken by the affected organisations

to address this security threat. For each action, briefly explain how it helps.

Step by Step Solution

There are 3 Steps involved in it

1 Expert Approved Answer

Step: 1 Unlock blur-text-image

Question Has Been Solved by an Expert!

Get step-by-step solutions from verified subject matter experts

Step: 2 Unlock

Step: 3 Unlock

Students Have Also Explored These Related Databases Questions!

Because of the large number of devices in today's PC chips, finned heat sinks are often used to maintain the chip at an acceptable operating temperature. Two fin designs are to be evaluated, both of...

I am doing a case study assignment for my master in Project Management. Here are the details of what I need to do : General Guidelines You will be provided with details of a case study in project...

Let A, B be sets. Define: (a) the Cartesian product (A B) (b) the set of relations R between A and B (c) the identity relation A on the set A [3 marks] Suppose S, T are relations between A and B, and...

Describe the types of cybercrimes facing organizations and critical infrastructures, explain the motives of cybercriminals, and evaluate the financial Explain both low-tech and high-tech methods...

What is the optimal division of work between Pia and the accountant? Should Pia outsource all the accounting tasks, use selective outsourcing, or keep all tasks to herself? Evaluate each accounting...

I need a 10 page paper for my MIS class. Please do not copy and paste as my school is getting stricter on plagiarism. I have attached the assignment and the sample \fData Analytic Thinking 1 Data...

Topic Threads Posts Last Post Discussion for Week 1 (Completed) Contains unread posts Locked. Conference Instructions: Each person please make at least one response to one of the posted questions and...

Chapter 2 The Origins of Software Chapter Overview Make an overview of the primary purposes of this chapter. What is the main concept introduced in this chapter? What kind of strategies should...

CHA P TER 9 Understanding Software: A Primer for Managers 1. INTRODUCTION L E A R N I N G O B J E C T I V E S 1. Recognize the importance of software and its implications for the rm and strategic...

In this question assume that p and q are atomic formulae. (a) Compare and contrast path formulae and state formulae in temporal logic. [4 marks] (b) Describe and contrast the meanings of F(G p) and...

answer the question clearly You are building a flight-control system for which a convincing safety case must be made. Would you assign the tasks of safety requirements engineering, test case...

Bryant Corporation was incorporated on December 1, 2009, and began operations one week later. Before closing the books for the fiscal year ended November 30, 2010, Bryants controller prepared the...

Gloucester Motors manufactures specialty tractors. It has two divisions: a Tractor Division and a Tire Division. The Tractor Division can use the tires produced by the Tire Division. The market price...

Down Under Products sales budget for the next four months is as follows: Unit SalesApril 6 8 , 0 0 0 May 8 0 , 0 0 0 June 1 0 8 , 0 0 0 July 8 9 , 0 0 0 The company wants its ending inventory levels...

You purchase 900 shares of 2nd Chance Co. stock on margin at a price of $56. Your broker requires you to deposit $26,000. a. Suppose you sell the stock at a price of $65. What is your return? What...

1. What are the problems of managing data resources in a traditional file environment?

5-9 Hischornklinik Group is a leading private medical clinic group in Germany. It relies on information systems to operate 14 hospitals, as well as hundreds of specialist institutes. Demand for...

5-11 In this exercise, youll use software at various online travel sites to obtain pricing for total travel and lodging costs for a sales conference. EuroPlastiques is a leading EU plastics company....