Question

After you complete the Practice Tasks, you learn about new developments at Game Technology. Your initial design was good, but the team leader wants you to try another approach. She put these questions to you: "Should corrective maintenance get a higher prioritythan other types of maintenance? Why or why not? Should cost-benefit issues be considered? If so, how would this be done?" Also, your security plan was good, but did not go far enough. The team leader wants you to include at least five more types of attacks, with examples and suggested responses.

Task 1. Revise the simulated attack plan by including five more types of attacks, with examples and suggested responses.

Task 2. Consider the team leader’s questions carefully. When you reply, include a revised grid design as needed.

Answer 1

Answer-

- Should corrective maintenance get a higher need than different kinds of maintenance?

Corrective maintenance is completed after discovery of an irregularity and objective is to restoring ordinary working conditions.

This methodology relies upon the firm conviction that the costs kept up for personal time and fix if there ought to emerge an event of fault are lower than the theory required for a constant maintenance program.

In the event that the framework is steady and persistently working, at that point Yes Corrective maintenance gets a higher need, as it targets especially on the issue and in this manner gives a quick arrangement

Corrective maintenance is additionally financially savvy, in this manner making it good among all principle Maintenance systems

5 more types of attacks are -

1 - Malware.

"Malware" alludes to any sort of destructive software, for example, infections and ransomware.

Once malware is introduced in PC, it can make a wide range of ruin, from assuming responsibility for your machine, to observing your activities and keystrokes, to quietly sending a wide range of secret information from your PC or system to the attacker's command post.

Attackers will utilize an assortment of techniques to get malware into your PC, yet at some stage it often requires the client to make a move to introduce the malware.

This can corporate clicking a connect to download a record, or opening a connection that may look innocuous (like a Word report or PDF connection), however really has a malware installer covered up inside.

2- phishing -

In a phishing attack, an attacker may send you an email that seems, by all accounts, to be from somebody you trust, similar to your chief or an organization you work with.

The email will appear to be genuine, and it will have some desperation to it (for example false action has been identified for you). In the email, there will be a connection to open or a connect to click.

After opening the malevolent connection, you'll subsequently introduce malware in your PC. On the off chance that you click the connection, it might send you to a real looking website that requests you to sign in to get to a significant record—with the exception of the website is really a snare used to catch your certifications when you attempt to sign in.

So as to battle phishing endeavors, understanding the significance of confirming email senders and connections/joins is fundamental.

3 SQL Injection attack'.

SQL represents organized question language; it's a programming language used to speak with databases. A significant number of the servers that store basic information for websites and services use SQL to deal with the information in their databases.

A SQL injection attack explicitly focuses on this sort of server, utilizing noxious code to get the server to disclose data it ordinarily wouldn't. This is particularly tricky if the server stores private client data from the website, for example, Visa numbers, usernames and passwords (qualifications), or other by and by recognizable data, which are enticing and rewarding focuses for an attacker.

A SQL injection attack works by abusing any of the known SQL vulnerabilities that permit the SQL server to run noxious code.

For instance, if a SQL server is powerless against an infusion attack, an attacker might be able to go to a website's inquiry box and type in code that would constrain the site's SQL server to dump the entirety of its put away usernames and passwords for the site.

4- Cross site scripting -

In a SQL injection attack, an attacker pursues a powerless website to focus on its put away information, for example, client certifications or touchy monetary information. Be that as it may, if the attacker would prefer legitimately focus on a website's clients, they may select a cross-site scripting attack.

Like a SQL injection attack, this attack likewise includes infusing pernicious code into a website, yet for this situation the website itself isn't being attacked. Rather, the vindictive code the attacker has infused possibly runs in the client's program when they visit the attacked website, and it pursues the guest straightforwardly, not the website.

One of the most widely recognized ways an attacker can send a cross-site scripting attack is by infusing vindictive code into a remark or a content that could naturally run. For instance, they could implant a connect to a malignant JavaScript in a remark on a blog.

Cross-site scripting attacks can essentially harm a website's notoriety by putting the clients' data in danger with no sign that anything pernicious even happened. Any touchy data a client sends to the site, for example, their accreditations, charge card data, or other private information—can be captured by means of cross-site scripting without the website proprietors acknowledging there was even an issue in any case.

5-Denial of service

During a refusal of-service (DoS) attack. Attacker flood a website with more traffic than it was worked to deal with, subsequently over-burdening the website's server and it'll be exceptionally unimaginable for the website to present its substance to guests who are attempting to get to it.

This can occur for harmless reasons obviously, state if a gigantic report breaks and a paper's website gets over-burden with traffic from individuals attempting to discover more. Be that as it may, often, this sort of traffic over-burden is pernicious, as an attacker floods a website with a staggering measure of traffic to basically close it down for all clients.

In certain occurrences, these DoS attacks are performed by numerous PCs simultaneously.

This situation of attack is known as a Distributed Denial-of-Service Attack (DDoS). This kind of attack can be considerably progressively hard to defeat because of the attacker showing up from a wide range of IP addresses far and wide at the same time, making deciding the wellspring of the attack significantly increasingly hard for arrange directors.

please like my answer..