No-Internal-Controls, LLC is a mid-sized pharmace

Author:

February 19th, 2023

No-Internal-Controls, LLC is a mid-sized pharmaceutical sales company in the Midwest of the US employing around 150 personnel. It has grown over the past decade by merging with other pharmaceutical sales companies and purchasing smaller firms.Recently No-Internal-Controls, LLC suffered a ransomware attack. The company was able to recover from the attack with the assistance of a third party IT Services Company.Attack Analysis:After collecting evidence and analyzing the attack, the third party was able to recreate the attack.No-Internal-Controls, LLC has a number of PCs configured for employee trainingThese training computers use generic logins such as “training1”, “training2”, etc. with passwords of “training1”, “training2”, etc.The logins were not subject to lock out due to repeated incorrect loginsOne of the firms purchased by No-Internal-Controls, LLC allowed Remote Desktop connections from the Internet through the firewall to the internal network for remote employeesDue to high employee turnover and lack of documentation none of the IT staff were aware of the legacy remote access The main office has only a single firewall and no DMZ or bastion host exists to mediate incoming remote connectionsThe internal network utilized a flat architectureAn attacker discovered the access by use of a port scan and used a dictionary attack to gain access to one of the training computersThe attacker ran a script on the compromised machine to elevate his access privileges and gain administrator accessThe attacker installed tools on the compromised host to scan the network and identify network sharesThe attacker copied ransomware into the network shares for the accounting department allowing it spread through the network and encrypt accounting filesCritical accounting files were backed up and were recovered, but some incidental department and personal files were lostInstructions:All Questions are worth 3 points each – 12 points total for the assignment. Assignment is due on February 26th, at 11:59 pm, EPT.Question 1:Suggest a password policy for No-Internal-Controls. Include an example of a technical control and an administrative control. Also include examples of a preventative control and a detective control. You may include as many controls as you like. Explain how this will mitigate against similar attacks.Question 2:No-Internal-Controls has a main office, two regional sales offices, and two warehouses. Suggest a physical security policy for No-Internal-Controls that includes controls that address each of the following potential vulnerabilities:The warehouses have multiple controlled pharmaceuticals that must be logged when received and shipped out.Each warehouse has a separate room for highly regulated narcotics.The main office has a public lobby and conference rooms for guests and prospective clients.One of the regional offices is in an urban area that has been suffering from an increase in vandalism and petty crime.The data center is located at the main office. There are two doors, one from the Network Admin’s office and one from the main hallway between the IT department and the Finance department.Question 3:No-Internal-Controls has a limited budget and is considering one of three different projects for the first half of the year:A network penetration test from an accredited third party security firmNew firewalls, a NIDS appliance, jump servers for remote access, and RSA tokens for remote employeesA new fiber channel SAN with specialized backup software allowing off-site replication to one of the regional offices. (See Lecture 7)The organization can only afford one project, the other two will be delayed until the end of the year. The board has asked you to recommend which project will be funded first. Which one do you support, and why?Question 4:The Board of Directors wants to preserve evidence in the event that the attacker can be identified and prosecuted. Refer to slide 8 from the Week 5 lecture. How can we assure that the evidence is authentic? Accurate? Complete? Should you request documentation from the IT services company that investigated? Why? What ports and protocol was in use by the remote employees at the time of the attack?

Calculate the price

Make an order in advance and get the best price

Type of paper

Academic level

Deadline

Pages (550 words)

$0.00

*Price with a welcome 15% discount applied.

Pro tip: If you want to save more money and pay the lowest price, you need to set a more extended deadline.

We know how difficult it is to be a student these days. That's why our prices are one of the most affordable on the market, and there are no hidden fees.

Instead, we offer bonuses, discounts, and free services to make your experience outstanding.

How it works

Receive a 100% original paper that will pass Turnitin from a top essay writing service

step 1

Upload your instructions

Fill out the order form and provide paper details. You can even attach screenshots or add additional instructions later. If something is not clear or missing, the writer will contact you for clarification.

step 2

Control the process

Once you place an order with our professional essay writing services, we will email you login details to your account. There, you'll communicate with the writer and support team and track the writer's progress.

step 3

Download your paper on time

As soon as your work is ready, we’ll notify you via email. You'll then be able to download it from your account and request a revision if needed. Please note that you can also rate the writer's work in your account.

Pro service tips

How to get the most out of your experience with Homework Mules

One writer throughout the entire course

If you like the writer, you can hire them again. Just copy & paste their ID on the order form ("Preferred Writer's ID" field). This way, your vocabulary will be uniform, and the writer will be aware of your needs.

The same paper from different writers

You can order essay or any other work from two different writers to choose the best one or give another version to a friend. This can be done through the add-on "Same paper from another writer."

Copy of sources used by the writer

Our college essay writers work with ScienceDirect and other databases. They can send you articles or materials used in PDF or through screenshots. Just tick the "Copy of sources" field on the order form.

Testimonials

See why 20k+ students have chosen us as their sole writing assistance provider

Check out the latest reviews and opinions submitted by real customers worldwide and make an informed decision.

Education

Thank you so much, Reaserch writer. you are so helpfull. I appreciate all the hard works. See you.

Customer 452701, February 12th, 2023

Psychology

I requested a revision and it was returned in less than 24 hours. Great job!

Customer 452467, November 15th, 2020

Psychology

Thank you. I will forward critique once I receive it.

Customer 452467, July 25th, 2020

Political science

I like the way it is organized, summarizes the main point, and compare the two articles. Thank you!

Customer 452701, February 12th, 2023

Business Studies

Great paper thanks!

Customer 452543, January 23rd, 2023

Accounting

Thank you for your help. I made a few minor adjustments to the paper but overall it was good.

Customer 452591, November 11th, 2021

Political science

Thank you!

Customer 452701, February 12th, 2023

Technology

Thank you for your work

Customer 452551, October 22nd, 2021

Finance

Thank you very much!! I should definitely pass my class now. I appreciate you!!

Customer 452591, June 18th, 2022

11,595

Customer reviews in total

96%

Current satisfaction rate

3 pages

Average paper length

37%

Customers referred by a friend

OUR GIFT TO YOU

15% OFF your first order

Use a coupon FIRST15 and enjoy expert help with any task at the most affordable price.

Claim my 15% OFF Order in Chat