Discussion 4(14) | Criminal homework help

1. Research and select a cyberattack/cyber-incident in which one of the threat actors discussed was involved, provide link. Breakdown the motivation of this threat actor.

2. Select a phase of the SDLC and further breakdown its steps/criteria/goals/artifacts and so on.

3. Describe a generic threat model briefly. For example:

      (a) Identify assets: website server, database, domain name

      (b) Describe architecture: http/https requests and responses, business logic like SQL to communicate with database, web client to web server to data store communications

      (c) Decompose application: database stores usernames/info/login process, lines of communication protocols, other technical aspects/functions possibly

      (d) Identify threats: sql injection for login process, domain hijacking upon renewal, man-in-middle attack on unsecure communication, denial of service/distributed denial of service attacks on web servers

      (e) Documents threats: (N/A for this discussion board, more of an actionable step to document the different threats)

      (f) Rate threats: (rate on priority of the threats you listed, 1 being more severe) 1. denial of service attack/distributed denial of service attack, 2. sql injection 3. man-in-middle, 4. domain hijacking             renewal 

3 pages

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes:

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>