Scenario
You work for a PR and marketing company that handles highly sensitive information for its high-profile clients. Client records are stored in a database and file system hosted on your private corporate network. Along with client records, this stored data includes media such as photos and videos. Most remote client communications and data transfers take place using a one-to-one encrypted messaging app, but you also accommodate some clients who prefer to use email. A high percentage of your staff work remotely, accessing data and services over a VPN. You are reviewing your security procedures in the light of some high-profile hacks of celebrity data. At this point, you want to understand the attack surface and the attack vectors by which your private network could be compromised.
1. What remote access methods could an attacker exploit?
2. Focusing on email, think of how email is processed as it is sent by a remote user and received by your company. What are the attack vectors against the company's email servers? How can these be related to adversary capability, assuming the levels to be advanced (most capable), developed, and augmented (least capable)?
3. What comes next in the chain of processing incoming email, and what attack vectors can adversaries exploit?
4. What countermeasures can be deployed for each email attack vector?