DB2
docx
School
Colorado Technical University *
*We aren’t endorsed by this school
Course
300
Subject
Information Systems
Date
May 24, 2024
Type
docx
Pages
2
Uploaded by MegaLightningChimpanzee30
Unit 2 - Discussion Board
Vulnerability Assessment and Management (CSS300-2402B-01)
Hackers do not simply compromise an existing system, they follow a methodology, and in the end they compromise vulnerabilities somewhere in the environment. Your
boss has asked you to describe how a hacker accomplishes this task. To help understand this, provide your input to the following:
Describe and define a vulnerability
. o
A vulnerability is a flaw in the system that could be used to gain advantage of someone and result in loss or harm. Examples of these flaws include procedures, design, or implementation. For example, if a system doesn't confirm a user's identity before granting access to data, it may be open to illegal data manipulation.
Describe and define an exploit. o
The term "exploit" refers to the act of entering a network, typically without permission from a company. In addition to being a type of software, an exploit can also be defined as a series of commands that take advantage of a flaw or vulnerability.
Describe and define an attack. o
An attack is when one or more exploits are used maliciously and on purpose to target vulnerabilities in one or more systems. Cyberattacks seek to change, block, erase, manipulate, or take control of computer systems as well as to steal, disable, disrupt, destroy, or destroy the data stored on these systems. This can be completed individually or collaboratively. An attack can be launched from any location and target
any system or systems worldwide. An attack can be any combination of different attack methods, which exacerbates the problem even more. It is common knowledge that hackers, also known as "bad actors" or "threat actors," are responsible for computer system or network "attacks." Though there are many different motivations for attacks, some of the more popular ones are cyberwarfare, retaliation, and financial gain. An attack can be classified as either targeted or untargeted, depending on the attacker's objective. This means that the
attacker may be trying to access data from a variety of devices or they
may be specifically targeting a business or system.
Lastly, describe how all three of these concepts work together and lead to a compromised system. o
Any organization with sensitive data on file and a computer system wants to keep that data safe. Protecting data is what computer
security is all about. It addresses the identification and prevention of improper computer user behavior.
A malicious attacker employs a technique to take advantage of weaknesses to accomplish his objective. Weak spots or security gaps that an attacker takes advantage of to access the network, or its resources are known as vulnerabilities.
The next item on a hacker's list after identifying a vulnerability is an exploit. Exploit makes use of a specific weakness in the system that allows hackers to gain access.
The hypothetical situation in which a hacker takes advantage of the vulnerability is called an attack. As a common tactic used by hackers, the attack itself will almost always involve an exploit. After determining
which exploit will yield the greatest profit, a hacker may create several at once.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help