Provide (2) 150 words substantive response with a minimum of 1 APA references for RESPONSES 1 AND 2 below. Response provided should further discuss the subject or provide more insight. To further understand the response, below is the discussion post that’s discusses the responses. 100% original work and not plagiarized. Must meet deadline.
Good Morning Class,
Below is my input to the questions for this week’s discussion:
1. Describe how a phishing attack works. Explain the role of the spam email, domain name, and website in the phishing attack. Phishing attacks typically rely on social networking techniques applied to email or other electronic communication methods. Some methods include direct messages sent over social networks and SMS text messages. Spam email is a way that phishing attacks occur because these type of phishing attacks is simple and can be sent out to multiple people over a short period of time. In some of the emails that are sent, may include links to get you to click on to get you to a specific website.
2. Identify and describe the four basic techniques for arranging an enterprise’s Internet point of presence. The four basic techniques for arranging an enterprise’s Internet point of presence is a Single-Firewall Topology which uses no DMZ and all servers are inside the firewall. Next is the three-legged firewall technique and it provides separate connections to the internet service provider, the enterprise network, and a separate DMZ. Dual firewalls technique uses two firewalls, one to protect the internal network from the DMZ and the other to protect the entire enterprise. Finally, the Bastion-Host technique is less common today, but it provides services to the internet and uses a firewall.
3. Explain how the Web browser authenticates a server that uses SSL. What is the impact on business and our social lives? A web browser authenticates a server by verifying that it has the proper certificates. It is important that this is done because it prevents personal data such as banking information to end up in the wrong hands. The best practice to ensure that a website is secure is to look for “https”.
4. Explain the operation of server-side scripts and client-side scripts. How are they the same? How are they different? The main difference between server-side scripting and client-side scripting is that the server side scripting involves server for its processing. On the other hand, client-side scripting requires browsers to run the scripts on the client machine but does not interact with the server while processing the client-side scripts.
Describe how a phishing attack works. Explain the role of the spam email, domain name, and website in the phishing attack
According to Kaspersky.com, phishing is spam emails or other forms of communication are sent with the intention of tricking recipients into doing something that undermines their security or the security of the organization they work for. In dora terms, these are emails that are sent by a nefarious party in search of normally financial data. The emails look legit as if from a reputable company asking to click a link or an attachment for whatever reason and once clicked malware will be released gaining access to the user’s computer and possibly contact list sending similar emails. Many, if not all, companies has specific training on such attacks giving employees guidance on what to look for and how to spot a phishing email. There are even IT teams who request for the users to send or at least notify them of potential threatening emails.
Once the link or attachment is initiated without taking precautions, the user, in some cases, is taken to a sight that looks legitimate with barely noticeable imperfections set up to tricking the unsuspecting user to giving up their usernames and passwords, which can lead to financial fraud. When an email is received, normally the link can be hovered over to reveal the actual web address, giving the recipient a heads up.
Phishing is different from spear phishing. Phishing is throwing as many messages out into the world and waiting to see how many people bite and give the adversaries what they want. Spear phishing is same same but different. They send the same types of messages, but they are more targeted. Sometimes, these messages can take up to a year to plan and send just to see IF someone bites.
Kaspersky. (2021, January 13). Tips on how to protect yourself against cybercrime. Retrieved February 19, 2021, from https://www.kaspersky.com/resource-center/threats/what-is-cybercrime