pdf

Denver Equifax SO.pdf
Denver Equifax So

Presentation covering Case Study titled 'Denver Equifax So'.

This page contains AI generated content. Errors or omissions may be present. Use human level critical thinking.
  • Q: What was the root cause of the Equifax breach?
    A: Failure to patch a known vulnerability in Apache Struts.
  • Q: What specific vulnerability was exploited?
    A: CVE-2017-5638.
  • Q: What was the 'detection deficit' in the Equifax case?
    A: Approximately 76 days.
  • Q: What process failure contributed to the breach?
    A: Lack of an effective asset inventory and patch management process.
  • Q: What was the role of 'encryption' in the breach?
    A: The attackers used encrypted channels to exfiltrate data, which was not inspected.
  • Q: What is 'Command and Control' (C2)?
    A: The method attackers use to communicate with compromised systems.
  • Q: What is 'Web Shell'?
    A: A malicious script uploaded to a web server to enable remote administration.
  • Q: What is 'Lateral Movement'?
    A: Moving from the initial compromise point to other systems in the network.
  • Q: What is 'Data Exfiltration'?
    A: The unauthorized transfer of data from a computer.
  • Q: What is the lesson regarding 'Third Party Risk'?
    A: Organizations are responsible for the security of the software components they use.

Ask a question

Have a doubt or need clarification?



I’m here to help. Share your question, and I’ll get back to you with the guidance you need regarding the course.

Thank you!

I have received your message and I shall get back to you shortly.