ABC is an online electronic retail store with over 50,000 loyal customer base and revenue of $20,000 per hour. Up to 35,000 transactions per day are completed. ABC has 100 continuing and 20 short term employees as well as 30 contractors, who have authorised access to ABC's system and networks. ABC uses a web server, an email server and a database server in its business operations. The web server is used for hosting the transaction processing system. The database server is used for maintaining customer details, orders, inventory and shipment information. The application server implements the actual business logic. ABC has four major divisions: IT, customer service, sales and marketing. Teddy is a CEO (i.e., toplevel manager) for ABC. Martha is the CIO (i.e., middlelevel manager) while John is the frontline manager for IT division. ABC uses stateofart security controls (Transport Layer Security, firewalls, antivirus products, intrusion detection systems, multifactor authentication, etc.), encryption algorithms for protecting sensitive records both in storage and in transmission.
1. Briefly explain the roles Teddy, Martha and John play in the development of strategic, tactical and operational planning for ABC. You must justify your answer.
2. Suppose that an external attacker deliberately sought and gained access to ABC systems. The attacker vandalized ABC's Website and stolen some files that contained sensitive customer data, employee data and some of ABCs intellectual property such as draft internal policies, meeting minutes, unpublished financial data, and proprietary process documentation.
a. For each attack on ABC, list and briefly explain at least two possible threat categories. You must justify and argue convincingly your choice of the threat categories.
b. For the attacks on ABC, list and briefly explain two possible and credible vulnerabilities that the attacker might have exploited to perpetrate the attacks. You must justify and argue convincingly why the vulnerabilities you choose are possible and credible. If you give more than two vulnerabilities, only the first two vulnerabilities will be marked.
c. For each vulnerability you identified in 2b, suggest one managerial control, one operational control and one technical control. You must justify your choice and argue convincingly that the controls can and will safeguard ABC against the possible attack (s).
3. List and briefly explain two specific benefits that an incident response plan offers ABC in regards to the above attacks. If you give more than two attacks, only the first two attacks will be marked.