ENTERPRISE CONTINUITY PLANNING
Paper details:
Scenario:
An employee hacked into the human resource records system at the employee’s place of business and changed the employee’s base salary rate to obtain a pay raise. The employee did this by spoofing an IP address in order to eavesdrop on the network. Once the employee identified where the data was stored and how to modify it, the employee made the changes and received two paychecks with the new amount.
Fortunately, an auditor happened to discover the error. The auditor sent an e-mail to several individuals within the organization to let them know there was a potential problem with the employee’s paycheck. However, the employee was able to intercept the message and craft fake responses from the individuals the original e-mail was sent to. The employee and the auditor exchanged e-mails back and forth until the employee was soon given access permissions for some other financial records. With this new information, the employee was able to lower the salaries of the president of the company and several other employees and then to include the salary difference in the employee’s own paycheck.
The IT staff determined that the spoofing that occurred that allowed the employee to gain access to the human resources system was caused by a lack of authentication and encryption controls. As such, a local root certificate authority was installed to implement a public key infrastructure (PKI) in which all communication to the human resource system required a certificate. This would encrypt network traffic to and from the human resources system and prevent eavesdropping. It would also properly authenticate the host to prevent spoofing.
Task:
A. Perform a postevent evaluation of how the organization’s IT staff responded to the attack described in the scenario by doing the following:
1. Describe the series of malicious events that led up to the incident.
2. Identify who needs to be notified based on the type and severity of the incident.
3. Outline how the incident could be contained.
4. Discuss how the factor that caused the incident could be eradicated.
5. Discuss how the system could be recovered to return to normal business practice.
a. Explain how the system could be verified as operational.
B. Perform a follow-up of the postevent evaluation by doing the following:
1. Identify areas that were not addressed by the IT staff’s response to the incident.
2. Identify the other attacks mentioned in the scenario that were not noticed by the organization.
a. Describe the type and severity of the attacks not noticed by the organization.
b. Describe how these additional attacks can be prevented in the future.
3. Recommend a recovery procedure to restore the computer systems back to a fully operational state.
C. When you use sources, include all in-text citations and references in APA format.