Question

NO PLAGIARISM!!! Write a security awareness paper that teaches the system administrator population about a cybersecurity-related problem such as record retention issues, PCI equipment issues, problems with transitioning to cloud-based resources, or cybercrime incidents such as malware, ransomware, and phishing campaigns. Pick one specific threat or attack type and provide a specific sys admin-level awareness training activity on that specific threat or attack. What does a system administrator need to know about it to defend against it? Include relevant examples, in-text citations, and provide references at the end of the paper. This paper should be at least two pages long and no more than four pages long (excluding references).

Answer #1

Cybercrime seeks to leverage the poor security setting on both home and workplace IoT devices, generating a significant amount of traffic.

Record retention issues
Employers should know how long to keep employee files and documents and when to destroy them. Each state and federal agency has a different set of requirements, often covering the same documents, so it is challenging to know what to keep and for how long.

Set policy:

Establish a clear policy on record retention and destruction, including schedule, file location, methods of destruction, and a record administrator. Consider appointing a data steward that serves as a resource for oversight, compliance, and access determination, as well as handling queries and providing guidance.


Guidelines:
Personnel files - Resume, interview note, reference check, salary data, performance review, date of hire, promotion, termination, salary garnishment, etc.
Investigative files - Investigative notes are not considered part of the official personnel file for issues such as theft and sexual harassment and access should be limited to the main HR staff.
Supervisor working files - Supervisors often keep files on current employees regarding performance issues. Supervisors must give these notes and files to HR for inclusion or destruction in the official personnel file when the employee transfers or leaves.

Record access:
Determine which records are public and available to the community, shareholders, media, and others. Which records are private with limited access to internal staff, current or prospective supervisors, and which are confidential only to limited employees.

PCI device issues

It was established in 2006 by major credit card providers, Visa, MasterCard, Discover and JCB International as a major body to focus on and advise the Payment Card Industry Security Standards Council of the rapidly growing payment transaction processes can be launched on landscape. The result was an organic set of criteria with twelve key principles, called the Payment Card Industry Data Security Standard (PCI DSS). (According to Wikipedia)

PCI Tools releases solutions

  • Install / maintain firewall configuration that will protect cardholder data
  • Do not use vendor-supplied defaults for system passwords or any other security parameter
  • Many switches / routers (i.e. wireless) / applications have a default administrator account, which uses a default password. Remove them if possible, or at least change the password to something very complex.
  • Protect stored cardholder data
  • Disable direct root login. A simple configuration file that is in a publicly accessible directory can still cause problems, even if permission on Direct Access is prohibited. Storing data in a database is an additional level of security, especially if encrypted and hashed.
  • Encrypt the transmission of cardholder data over open, public networks
  • Keep cardholder data being sent over the network to a minimum and encrypt it with the highest possible power
  • Use antivirus software and update regularly
  • The antivirus database needs to be up-to-date to ensure any threat created / exposed after the previous manual update was captured.
  • Developing / maintaining secure systems and applications
  • Restrict access to cardholder data
  • Card-aware machines should only be available on private networks and require two-factor authentication or higher security levels for access.
  • Assign a unique ID to everyone with computer access
  • Restrict physical access to cardholder data
  • Track / monitor all access to network resources and cardholder data
  • Audit access logs often.
  • Perform regular testing of security systems and processes
  • Maintain a policy that addresses information security
  • Create a system of internal policies to ensure proper, resuscitation of secure information.

While cPanel PCI is not right out of the box, SSL turns on the cipher with some other features, and to keep your software up to date you must be ready to accept and administer transactions on your cPanel server.

Cloud base source
The cloud security architecture is effective only if true defensive implementations are in place. An efficient cloud security architecture should identify issues that arise with security management. Security management considers these issues with security controls. These controls are designed to protect any vulnerabilities in the system and to reduce the impact of attacks.


Deterrent controls
These controls are intended to minimize attacks on the cloud system. As a warning sign on the fence or property, preventive control generally reduces the level of risk by letting potential attackers know that there will be adverse consequences for them if they move forward. (Some consider them a subset of preventive control.)


Preventive controls
Preventive controls strengthen the system against incidents, usually by minimizing if vulnerabilities are not eliminated. For example, empowering cloud users reduces the likelihood that unauthorized users can access cloud systems, and it is possible that cloud users are positively identified.


Detective controls
Detective controls are intended to detect and respond to any events that occur. In the event of an attack, detective control will indicate preventive or corrective control to address this issue. System and network security monitoring, including intrusion detection and prevention systems, are commonly employed to detect attacks on cloud systems and auxiliary communications infrastructure.


Correctional controls
Corrective control generally reduces the consequences of an event, limiting the damage. It comes into effect during or after an event. An example of corrective control is restoring system backups to rebuild a compromised system.

Malware
Malware scammers send emails and social media messages with links at random, linking to something topical — news, an event or something 'interesting' to happen.

If you click on that link, you may be taken to a fake website that looks like the real deal, with the fullness and branding of legitimate sites. To view the video, you will be asked to enable some software, such as a 'codec', to access the video format. If you download the software, your computer will be infected with malware (malicious software).

Another way to deliver malware scams is through websites and pop-ups that offer 'free' file downloads, including music, movies and games, or free access to content, such as adult sites.

Malware scams work by installing software on your computer that allows scammers to access your files or see what you are doing on your computer. Scammers use this information to steal your personal details and perform fraudulent activities. They may make unauthorized purchases on your credit card, or use their identity to open accounts such as banking, telephone or energy services. They can take loans under your name or do other illegal business, or even sell your information to other scammers for further illegal use.

Ransomware
Ransomware is a type of malware that blocks or limits access to your computer or files, and demands the ransom be paid to unlock the scammer.

Infected computers often display messages to pay you a ransom. Scammers may claim to be from the police and claim that you have committed an unlawful activity and must pay a fine, or they may demand payment for a 'key' to unlock your computer.
If you pay the ransom, there is no guarantee that your computer will be unlocked.

Protect yourself
Do not open attachments or click on links to emails or social media messages that you have received from strangers - just press delete.
If you want to get information about footage or major or breaking news, use a reliable news source instead of an anonymous web link.
Beware of free downloads and website access, such as music, games, movies, and adult sites, they can install harmful programs you don't know.
Always protect your computer with anti-virus and anti-spyware software and a good firewall. Buy computer and anti-virus software only from reputable sources.
If you believe that your computer's security has been compromised, use your security software to check for viruses. If you still have doubts, contact your anti-virus software provider or computer specialist.
Protect your office network, computer and mobile devices. Update your security software, change passwords and backup your data regularly. Store your backups offsite and offline. Stay Smart Online explains how to back up your data and secure your mobile devices.

The most ransomware example
1. Cryptolocker

The cryptolocker ransomware is one of the examples that targets Comodo. Comodo has a unique feature that automatically protects the user from cryptocurrency when accessing the computer. The changes made by the cryptolocker are real-time reversed and have been removed by the ransomware removal tool.

Cryptolocker is known to encrypt a user's files and requires payment later to open them. Comodo creates a shadow version of the hard drive to quickly save important files from cryptocurrencies. This baffles the malware by infecting files when in fact it has only encrypted the shadow version.

2. Locker Ransomware

Locker is one of the ransomware examples that Comodo has already taken note of. Locker is similar to cryptocurrency. If the cryptolocker encrypts the files, the locker ransomware locks the files to deny access to the user and demands $50 to restore the files.

It usually targets Word, Text and PDF files. Once the files are infected, the user can no longer access them. Fortunately, Comodo has the best defense against this type of ransomware! The auto container automatically replicates the hard drive to prevent files from being locked. Ransomware may think that it has successfully locked files, but with auto content the user can still access them.

3. Bad Rabbit

Comodo has already defeated Bad Rabbit with its advanced antivirus with multiple scanners and malware detection tools. Bad Rabbit is a type of ransomware that pretends to be a valid Adobe Flash player update. When the user visits a specific website, it flashes and interrupts that a new version of Adobe is available. When the user clicks on the bait, it is installed.

Bad Rabbit is a dangerous malware because it encrypts not only the files but also the computer's hard disk. It also prevents Windows from booting normally. The good news is that Comodo has a powerful antivirus that quickly detects any type of malicious software. It uses several detectors and detectors that quickly detect malicious files and block them before they reach the computer. Comodo provides immediate protection against ransomware.

4. Goldfish

Gone are the days when GoldenEye was afraid of the human resources department. Comodo creates several security layers that are designed to keep malware out of the entire network. Comodo Advanced Endpoint Security includes a robust firewall protection that continuously monitors files entering the network.

Since GoldenEye is designed to destroy critical data, it should be prevented from invading the network. Comodo protects all devices connected to the network to avoid malware infections.
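
As an added illustration of the PCI items above on disabling direct root login, assigning a unique ID to everyone and auditing access logs (this example is not part of the original answer): a small Python audit over constructed OpenSSH auth-log lines. The host name, accounts and addresses are made up, and treating one account seen from several source addresses as possibly shared is an assumption of this example.

```python
import re
from collections import defaultdict

# Constructed sample lines in OpenSSH sshd auth-log format (not real data).
SAMPLE_LOG = """\
Mar  3 09:14:02 pos-gw sshd[2211]: Accepted publickey for alice from 10.0.5.21 port 50122 ssh2
Mar  3 09:20:45 pos-gw sshd[2290]: Accepted password for root from 10.0.5.40 port 50310 ssh2
Mar  3 10:02:11 pos-gw sshd[2405]: Accepted password for opsadmin from 10.0.5.21 port 50555 ssh2
Mar  3 10:47:30 pos-gw sshd[2533]: Accepted password for opsadmin from 10.0.5.77 port 50801 ssh2
Mar  3 11:05:09 pos-gw sshd[2610]: Failed password for root from 10.0.9.13 port 41200 ssh2
Mar  3 11:05:12 pos-gw sshd[2610]: Failed password for invalid user admin from 10.0.9.13 port 41200 ssh2
"""

LINE = re.compile(
    r"sshd\[\d+\]: (?P<result>Accepted|Failed) (?P<method>\S+) for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+"
)

def audit(log_text):
    """Return findings as a sorted list of (kind, account, detail) tuples."""
    findings = set()
    sources = defaultdict(set)  # account -> source IPs of successful logins
    for line in log_text.splitlines():
        m = LINE.search(line)
        if not m:
            continue  # not an sshd authentication line
        user, ip = m["user"], m["ip"]
        if user == "root":
            # A successful direct root login means root login is still enabled;
            # a failed one shows the account is being tried.
            kind = "root-login" if m["result"] == "Accepted" else "root-attempt"
            findings.add((kind, user, ip))
        if m["result"] == "Accepted":
            sources[user].add(ip)
    for user, ips in sources.items():
        # Assumption: one account used from several hosts may be a shared
        # credential, which conflicts with "a unique ID for everyone".
        if len(ips) > 1:
            findings.add(("shared-account?", user, ",".join(sorted(ips))))
    return sorted(findings)

if __name__ == "__main__":
    for finding in audit(SAMPLE_LOG):
        print(*finding, sep="\t")
```
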
