Can someone please help me with this assigment.  It is for my SEC 440 class, week 3 You Decide. 

 

SEC 440 Week 3 You DecideScenarioThe infectious company, Grocery Stores, Inc. has just been breached by what was first thoughtto be a remote attacker who infected the supermarket chain with a server based malwareprogram. However, after a security assessment was performed, it was confirmed that it was aninside job. Apparently, a new and sophisticated plan was developed by a disgruntled employee.The attacker slipped malware onto servers at all of the company's 200 grocery stores. Themalware appears to have snatched card data from customers as they swiped their credit cardsthrough the checkout counter machine and transferred the card data overseas.RoleYou've been hired as an information security administrator for Grocery Stores, Inc. Your duty isto assess the situation and determine the best course of action to take to ensure that thesecurity breach is contained and eradicated. You will need to interview key staff members anddecide how which member(s) can best assist you in eliminating this risk.PlayersDouglas SmithVice President Information TechnologiesThe fact that the malware was not the ordinary kind of key logger program that mightcapture keyboard presses as a customer logs into their online bank account, but wasinstead software programmed to lift credit card data as it was being transmitted to theservers at Grocery Stores, Inc, suggests that the malware program had to be writtenspecifically to target our stores and deployed from inside the company network. Itseems almost too much of a coincidence to believe that remote hackers would have achance to infect every server with the appropriate malware by using traditional securityflaws such as a misconfigured firewall, or even an out-of-date antivirus application. Wehave over 20 network administrators throughout multiple branch offices and satellitelocations. Security was set up so that each network administrator had the same securityaccess and privileges to each location. In hindsight, I believe that while havingredundant or equal security privileges for all network administrators can be a goodthing; it can also be a major security hole. That is because the administrators haveaccess to the entire system and not just their local area network.

Attachments:

• 1495178338-SEC 440 Week 3 You Decide.docx