Answer the following questions:
- Develop and draw an attack tree starting with gaining access to a finance user’s computer and their related Active Directory account. Make sure you capture what you can do with the account immediately, as well as how you can use it to gain further access within the company in the long run. Describe how the attacks are linked. Document any assumptions that justify your reasoning.
- Based on the attack tree you created, are there any specific controls you would recommend to reduce the threat or eliminate the attack vector? Broadly speaking, how can you determine whether a control should be implemented to protect a vulnerability? What are the criteria for making such a decision, from a business point of view? Since one of the options in risk treatment is to stop doing the activity that creates the risk, how would you justify that suggestion?
Format
- Answers should be written in paragraphs. Bullet points may be used for lists introduced by the paragraphs if desired.
- Include at least 3 references to Module 5’s resources: textbook, readings, videos.

