Description
Assignment Sample Solution: IT Security and Risk Management April 2024
NMIM$ Global Access
School for Continuing Education (NGA-SCE)
Course: IT Security and Risk Management April 2024
Internal Assignment Applicable for April 2024 Examination
1. Malware is intrusive software that is designed to damage and destroy computers and computer systems. Malware is a contraction for “malicious software.” Explain the various types of malware and how is ransomware different from a virus/worm?
(10 Marks)
2. The estimated losses due to elder financial abuse range widely, the FBI’s Internet Crime Complaint Center (IC3) 2018 Internet Crime Report shows that people 60 and older submitted more than 62,000 fraud complaints in 2018 with losses totaling nearly $650 million. Some less conservative sources estimate that fraud against seniors, or what’s known as elder financial exploitation (EFE), costs families in the U.S. upwards of $36 billion per year. Research shows that as seniors age, they’re more likely to sustain higher average losses to senior financial scams.
Explain the most common types of attacks targeting senior citizens and suggest precautionary measures for them with reference to these attacks? (10 Marks)
3. Case Study: The Equifax Data Breach
In 2017, Equifax, one of the three largest credit reporting agencies in the United States, experienced one of the most significant and widely publicized data breaches in recent
history. The breach was a massive security incident that compromised the personal and financial information of nearly 147 million individuals. The breach’s consequences were
far-reaching and included legal and regulatory repercussions, substantial financial losses, damage to Equifax’s reputation, and heightened scrutiny of data security practices within
the financial industry.
Incident Timeline and Impact:
i. Undetected Intrusion: The breach began in May 2017 when cybercriminals exploited a vulnerability in Equifax’s web application software. They gained unauthorized access to Equifax’s systems and started exfiltrating sensitive data.
This intrusion went unnoticed for over two months.
ii. Scope of Data Compromised: The attackers gained access to a vast amount of sensitive information, including Social Security numbers, dates of birth, credit card details, and other personally identifiable information. The sheer scale of the breach
made it one of the most substantial breaches of personal data to date.
iii. Delayed Detection and Response: Equifax only discovered the breach in late July 2017, more than two months after the initial intrusion. This delay allowed cybercriminals to continue siphoning off data and led to severe damage to the company’s reputation.
iv. Public Outcry and Legal Repercussions: The breach triggered a public outcry, legal investigations, and a congressional hearing. Equifax faced multiple lawsuits, regulatory fines, and increased oversight from government agencies.
a) Discuss the importance of incident response planning, timely notification to affected individuals, and communication with regulatory authorities. What were the shortcomings in Equifax’s response to the breach, and what lessons can other
organizations learn from this incident? (5 Marks)
b) Highlight best practices in vulnerability management, data protection, and cybersecurity governance. How can organizations proactively defend against cyber threats and secure sensitive customer information? Use the Equifax incident as a
cautionary example to illustrate the importance of these measures. (5 Marks)
*********
Rules and Regulation
General or Editable Assignment: Needs to be change it in your own Wording. After Modification, check plagiarism via some tools on google. After Checking, upload your assignment. Kindly call or WhatsApp to know how and where can you change it. We don’t take guarantee if you don’t change your Content before uploading.
Note: Changes are Mandatory in General Assignment as it is general sample. Use it as a reference.
Unique Assignment: Assignment will be Uploaded directly; more than 80% marks are guaranteed. Plagiarism free. No Copy case. 100 % Guaranteed Assignment.
Buying Process:
General Assignment : Buy Online
Unique Assignment: Call/WhatsApp at 8448433923 to book the order.
Reviews
There are no reviews yet.