Topic 1: Ethical Hacking
Discuss the main benefits and risks of ethical hacking. Provide examples and/or details to support your ideas. If you have seen examples of ethical hacking, please share these with the group.
Topic 1: Social Engineering
Describe any experience that you or your organization have had with social engineering attacks. Discuss the role of phishing in social engineering attacks. Describe various tools and techniques organizations can use to mitigate against phishing attacks and the relative effectiveness of these tools.
Topic 2: Popular Reconnaissance Tools
Do some research and identify two popular reconnaissance tools. Compare and contrast your chosen reconnaissance tools and explain the benefits and limitations of each.
Topic 1: User Security Education
You have probably received some form of information security education, either in your workplace, school, or other settings. Discuss a situation where you received security education. How was it delivered? How long did it take? How often, if ever, did you receive refresher or update training? Was the training effective? Why or why not? If you have never received such training, discuss what you think should be included in such training and why it would be effective?
Topic 2: System Hardening
System hardening is the term used to improve a system’s security incrementally making it more and more difficult for a hacker to breach it. Research and discuss some best practices in system hardening. Describe any hardening approaches you have seen used, if any.
Topic 1: Common Port Scanning Techniques
Do some research on computer ports that are most often scanned by hackers. Identify a port scanning exploit that is interesting to you and share it with the class. If you have experienced or witnessed port scanning activity on a computer network, consider including this in your response as well.
Topic 2: Sniffing Tools and Techniques
Identify a commercial sniffing tool and discuss how it differs from Wireshark and tcpdump. Discuss the various measures organizations can take to protect themselves from active sniffing attacks such as ARP poisoning, MAC flooding, man-in-the-middle, and evil twin attacks.
Topic 1: Wireless
Research the Internet and published research to find a recent wireless exploit that is not discussed in the textbook. Provide a brief summary of the exploit and the threat that it poses to an organization. Also, identify a recommendation for how an organization can protect itself from the exploit. Respond to at least two of your peers’ postings by suggesting additional recommendations on how to protect the organization from the exploit and any additional risks that you associate with the exploit.
Topic 2: Organizational Attacks
Websites continue to be a primary vulnerability to organizations. For example, SQL injection attacks have been understood for years, yet organizations continue to fall victim to such attacks. Why do you suppose this continues to be such an issue? Research a recent attack on an organization in which the attack occurred via a vulnerability in the organization’s website (and related infrastructure). Describe the attack. What steps could the organization have taken to protect against such an attack?
Topic 1: Incident Response
Using the Internet, identify an incident where a company or other organization has suffered a security breach. Research the incident, paying particular attention to the way in which the organization responded to it. Post a summary of the incident, followed by your assessment of the organization’s response. Did the company respond appropriately and in a timely manner? Why or why not? Be sure to cite the sources of your information.
Topic 2: Takeaways
Now that you are at the end of the course, consider the security of information you use, have access to, or for which you have stewardship. What have you learned in this class that will help you contribute to the security of that information? How can you help others also contribute to increased information security? Are there any activities that you think would qualify as ‘ethical hacking’ that you could do relative to information you work with? If so, discuss.
Do you need help with this assignment or any other? We got you! Place your order and leave the rest to our experts.