What Exactly Is Information Technology, Essay Example

Go to the following address: https://www.owasp.org/index.php/Top10#OWASP_Top_10_for_2013. (Note: there are four underlines between the last five words) 

This is a list of the ten top software security issues of 2013. Pick any one of the ten and write a one page summary about what you read.

Information technology is an important aspect of any corporate set up. In 2013, there were different security threats. Specific on this, the fifth most system security threat was the security misconfiguration.

The security threat is posed by anonymous attackers or people who are not known to those being attacked but those who have their own accounts. They may use their own system to crack and interfere with the normal functioning of the system. Insiders who interact with the system on a daily basis can be the cause of sabotage by colluding with malicious outsiders to interrupt the smooth working of the system. These threat agents poised the greatest threat to the security misconfiguration.

The exploitability possibility of a system is easy. Once the attackers have found their way into the system, they will have the full access of default accounts, unused pages, unmatched flaws, unprotected files and other directories so as to penetrate and get accessed to the whole system. In the process, the system interference is caused, and a number of data can be lost, and many other applications interfered with in the process. Once the attackers have launched the system attack, the exploitability of the system becomes easy.

Unlike other security threats which only occur at some stages or level, security misconfiguration can occur at any given level of application. The vulnerable applications could include the platform. Web server, application server database, and framework and custom codes. To this end, it is the duty of the system administrators and developers to ensure the efficient configuration of the system. On this regard, automated scanners are, therefore, useful for detecting missing patches, misconfigurations and use of default. The detectability of such attack is easy as the system will convey an unusual functionality.

The impact created by such security misconfiguration is moderate because such flaws will enable the attackers to get unauthorized access to some system data and functionality. In other cases, such attacks result to complete system compromise and interference with the normal operations of the system. When the attackers succeed to infringe in the system, the whole functionality of the system could be compromised and interested with without the users knowing. The users might realize unusual functionality, therefore, hampering the smooth running of the business.

The system applications which lack proper security hardening are vulnerable to the system misconfiguration. Some of the signs that the system is under attack include outdated software, and  system handling revealing stack traces of others users. The attack could be prevented by repeated hardening of the system to prevent any intruders from interfering with the system.

Access the 2013 SEIM Report at http://www.gartner.com/technology/reprints.do?id=1-1FJ5IML&ct=130508&st=sb.
What is the SIEM Magic Quadrant and discuss what products seem to have the best vision and best execution of incident management, according to what is shown in the quadrant?

The security Information and Event Management (SIEM) is defined as the customer’s need to analyze security event data in real time for internal and external threat management. This technology puts together event data produced by security devices and network infrastructures. The Magic Quadrant is the platform which provides for the normalization of data, so that events and data related to events are put in contextual and analysis of network security and monitoring of compliance reporting in case of breach of the compliance agreement. From the quadrant, Alien Vault is the product whose execution is successful among the products. It provides vulnerability assessment, network and host intrusion detection and file integrity monitoring. The Alien Vault provides integrated SIEM in the file management and integrity monitoring, vulnerability assessment, host and network–based intrusion detection system capabilities. Customer references show that the software and appliances  are much less and inexpensive and the competitors in the SIEM space. The predefined correlation rules for intrusion detection system and intrusion prevention. The files management has a correspondence to the system in which the appliance is safeguarded. The Alien Vault has the command to the interface and the information transmission.  It also has customized interfaces and integrated supported events and command transmission.

Go to www.us-cert.gov/current and identify the top current incident threats. Categorize each as either technical or behavioral. Which is the largest group?

The top current security threats are the converter memory corruption which has taken the lead in the list of the top security threats and major concerns to the United States. The prevalence has been noted during the recent advancement in technology in the production of the Google Glass and other fiber related technology. This particular security threat is a behavioral threat since it takes a personal dimension and a personal instinct.

The second top current threat incident is the multiple exploitable vulnerabilities. This is the case where the applications and the system configurations are exposed to the malicious intentions of other people. The people are in the case involved in the pilferage of important data that might compromise the security of other system hosting platforms. The security incidences are reportedly very agreeable and supportive of the system securities which are in a way a threat to the well-being and the sustainability of the system. This threat is a behavioral threat since it is facilitated by individual interests that are the core interests of the perpetrators of such acts.

The third threat incident is the Websense Triton Unified Security Center information disclosure vulnerability. This incident that took place early in the month was an act of collective sabotage where insiders conspired with the outsiders to leak valuable information and water down the integrity of the people who have worked tirelessly to make their contributions to the welfare of the company.  This was a technical vulnerability since   the company was tagged in a technicality involving the company records and the passage of information to the outside stakeholders.

Using your favorite search engine, look up “Trojan Horse Defense”. How can it be used to question the conclusions drawn from a forensic investigation? Site a case where it was used.

Trojan Horse Defense is a computer malware which is instigated through computer crimes.  This defense attribute prevents cybercrime through malware. Malware is written and programmed software meant to infect private computers and personal devices. Through this, malicious people propagate and commit fraud and identity theft. This poses a great threat to those who are surfing, shopping, emailing and using the internet. The malware takes advantage of the vulnerability of operating systems, browsers and programs. Trojans can be downloaded unknowingly by internet users with the thought of legitimacy. In the process of downloading games, music player, movies, Trojan normally accompanies such downloads and is spread by peer sharing of files among users and workstations.

Trojan is spread by developers luring users to links and sites which contain the impure files. The program then is downloaded in the background as the site is browsed. Attackers include spyware in the virus and, therefore, are able to track and follow up on the files and privacy of the user. From the foregoing facts, Trojan is a malicious malware which is unwanted in by any computer user. To this end, Trojan defense is handy in preventing the infecting and subsequently eliminating the malicious program. Trojan defense ensures that the program is secure by use of different factors. The Trojan Defense protects computers with strong security software, such software are resistant to attacks by the malware and, therefore, makes sure the computer is secure and is free from any attacks. The Trojan Defense also uses a security-conscious Internet Service Provider that implements firm anti-spam and anti-phishing procedures.

Trojan defense can be used to question the findings of forensic investigation. It has automatic windows updates and system monitoring software. Therefore, it provides a platform to follow the data sent and received by the computer that has received attack from the malware. The Trojan Defense is capable of following the activities of a system and, therefore, provides online record for crucial forensic investigations. The same has been used in the Operational Complexity Model to derive complexities of the most prevalent cyber-crime occurring in Southeast Asia, in peer-to-peer multimedia industry.