use of security information event management
The use of security information event management (SIEM) software detected that a malware attack originated from an international source. As the cybersecurity analyst of NCU-FSB with critical infrastructure and mission-sensitive information, you have determined that the external hackers have the motivation to cause business disruption. The virus penetrated the enterprise’s IT infrastructure, infecting servers, desktops, and laptops; destroying information; and spreading ransomware. The payload of the virus deleted mission-critical files and changed file extensions for all database files.
The attacks have crippled the organization’s ability to make timely business decisions. Further investigation of logs using a security information event management application revealed that there had been significant internal attacks including sniffing, MAC spoofing, WEP/WPA cracking, AP spoofing, and DoS of the company resources due to the weak wireless infrastructure. These attacks have weakened the security posture of the organization.
For this assignment, you must write an academic paper in which you address the malware attack. Your paper should include the following:
title and reference pages
Reasons why web-based applications are vulnerable.
Describe three attacks that can be levied on web servers and their applications. Support this description with supportive reference, where you will describe the economic and operational impact of these attacks, either coming from malware, phishing, whaling, ransomware, or any other.
Recommend response procedures to be followed to contain the impact and spread of the malicious code, mitigate further damage and regain control of the network, applications or services. These recommendations must include at least two tools recommended as part of the solutions with their corresponding features to mitigate wireless network attacks.
Reasons why wireless networks are more vulnerable to attacks than wired networks.
Suggest risk responses in terms of:
Risk mitigation through the application of industry best principles and practices and information security policies
Monitor the infrastructure for security-related events
Securing of information assets
Length: 7-page academic paper
References: Minimum of 6 scholarly resources not more than 5 years old
The completed assignment should demonstrate thoughtful consideration of the ideas and concepts presented in the course and provide new thoughts and insights relating directly to this topic. Your response should reflect scholarly writing and current APA standards. Include a plagiarism report