Settings

Help

Unit $3$ Discussion $1$: Attack Vectors and Security Controls

Subscribe

The human resource $($HR$)$ specialist for TRex, Inc. is the only person who is authorized to access the data for the TRex HR department. The data is inputted through the keyboard into the spreadsheet. As the HR specialist performs updates to the spreadsheet, the data is displayed to the screen using the laptop memory and processes. When the HR specialist has completed editing the spreadsheet, the HR specialist saves the spreadsheet to the laptop's hard drive and prints it through a wireless network connection. To ensure the spreadsheet can be restored if ever lost from the production environment, the HR specialist copies the latest version of the spreadsheet from the laptop hard drive to a USB flash drive as a backup.

Consider the answers to the following questions to identify attack vectors $($Phase

and security controls for mitigating those attack vectors $($Phase $3)$:

What are all the system components in the scenario that can process, transmit, and$/$or store information?

What are the authorized locations for the data as it pertains to storage,

Notification Sugge

transmission, execution environment, input, and output?

Match the following attack vectors to applicable location$($s$).$ Attack vectors may span across multiple locations and vice versa:

may span across multiple locations and vice versa:

$\backslash$table$[[$Location$($s$),$Attack Vector$($s$)],[$Laptop Memory$/$Processes$,$Attacker views the information on the laptop screen$],[$Local Hard Drive,$\backslash$table$[[$Attacker steals and reuses user$/$admin$/$service$],[$credentials for the laptop$]]],[$Flash Drive,$\backslash$table$[[$Attacker monitors unencrypted or weakly encrypted$],[$wireless network communications and captures the data$],[$being sent to the printer$]]],[$Wireless Printer Memory,$\backslash$table$[[$Attacker gains unauthorized physical access to the flash$],[$drive$,$ mounts it$,$ and copies the file$]]],[$Wireless Printer Hard Drive,$\backslash$table$[[$Attacker gains unauthorized physical access to the$],[$laptop$,$ and uses forensic tools or other utilities to copy$],[$the file $($without authenticating to the OS$)]]],[$Inputs$,\backslash$table$[[$Attacker uses keystroke logger on the laptop to monitor$],[$keystrokes$]]],[$Outputs$,\backslash$table$[[$Attacker gains unauthorized physical access to the$],[$laptop$,$ and exploits vulnerabilities to gain OS access$],[($impersonating user$/$admin$)]]],[$Outputs$,$Attacker views a printout of the spreadsheet$],[$Outputs$,$User forwards the file to an unauthorized recipient$],[$Outputs$,\backslash$table$[[$Attacker watches the information being typed in on the$],[$laptop$]]],[$Outputs$,\backslash$table$[[$Attacker gains access to and$/$or control over user's$],[$session and$/$or device$]]],[$Outputs$,$Attacker uses malware on laptop to take screenshots$]]$