atp_Task_security_professional

Uploaded by

Raajeev Shrestha

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

6 views

atp_Task_security_professional

Uploaded by

Raajeev Shrestha

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 3

ST4063CEM The Security Professional

Submitted by: Submitted to:

Rajeev Kumar Shrestha Ganesh Bhusal
Student Id: 240186
A multinational corporation with multiple subsidiaries and business units is experiencing
a persistent threat from a highly sophisticated advanced persistent threat (APT) group.
The APT group is using a combination of zero-day exploits, custom malware, and social
engineering tactics to gain access to the company's networks and steal valuable
intellectual property and other sensitive information. The APT group has already
exfiltrated terabytes of data from the company's systems, and the corporation is
struggling to detect and stop the attacks. The corporation's assets include its network
infrastructure, business-critical applications, intellectual property, and customer data.

1. What are the challenges of defending against a persistent and highly sophisticated
APT group?
The challenges of defending against a persistent and highly sophisticate APT group
are:
a. Sophisticated Attacks: Hard-to-detect tools (zero-day exploits, custom malware).
b. Stealthy and Persistent: Attackers stay hidden while stealing data.
c. Human Weaknesses: Social engineering targets employees.
d. Complex Systems: Large networks are harder to protect.

2. What are the potential consequences of a successful attack by the APT group?
The potential consequences of a successful attacks are:
a. Data Loss: Intellectual property and customer data stolen.
b. Financial Damage: Legal fines, response costs, and lost business.
c. Reputation Hit: Loss of trust from customers and partners.
d. Disruption: Business operations affected.

3. What steps can the corporation take to enhance its security posture and detect and
respond to APT attacks?
Some of the steps to Strengthen Security are:
a. Use advanced tools to detect threats.
b. Limit access to critical systems (zero trust).
c. Train employees to spot phishing.
d. Patch systems regularly.
e. Have an incident response plan ready.

4. How can the corporation ensure that its subsidiaries and business units are
adequately protected against the APT group?
The corporation can ensure and protect its subsidiaries using following methods.
a. Apply consistent security rules across all units.
b. Use centralized monitoring and local expertise.
c. Share threat intelligence.
5. What are some potential legal and regulatory implications of data breaches and
intellectual property theft?
Some potential legal and regulatory implications are:
a. Data breaches may result in fines, lawsuits, and reputational harm.
b. Intellectual property theft can lead to competitive loss.
In short the best way to protect the company is invest in strong defenses, train staff,
and prepare for quick responses to secure the company and its subsidiaries.