Answered step by step
Verified Expert Solution
Question
1 Approved Answer
1 . Develop and draw an attack tree starting with gaining access to a finance user s computer and their related Active Directory account. Make
Develop and draw an attack tree starting with gaining access to a finance users computer and their related Active Directory account. Make sure you capture what you can possibly do with the account immediately, as well as how you can use it to get even more access within the company in the long run. Describe how the attacks are linked. Document any assumptions you may have, if any, that would justify your reasoning.
Based on the created attack tree, are there any specific control you might recommend to reduce the threat or eliminate the attack vector? Broadly speaking, how can you determine whether a control should be implemented to protect a vulnerability? What are the criteria for making such a decision, from a business point of view? As one of the options in risk treatment is to stop doing the activity that creates the risk, how would you justify that suggestion?
Step by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started