USA: +1-206-973-7012 
Sign in
Answer all the questions in Part A and Part B. Part B is a case study and you should read the case study and answer the five questions.
Q1
Read the attached article “SIEM-based detection and mitigation of IoT-botnet DDoS attacks” download and answer the following questions.
a) Discuss four features of IoT devices that exacerbates the problem of IoT botnets.
b) Discuss three approaches that could be used to detect IOT botnets.
c) Explain the steps in a ML approach you could use to detect IOT botnets.
Q2
Botnets are one of the most pressing security threats in cyberspace today and it is well known that the major motivation for setting up botnets is financial. There are number of techniques for defending cyberspace from botnets. The best approach to defending against botnets is locating and taking down the CC servers, and then locating and arresting the botmaster. Discuss the main challenges of locating and arresting botmasters.
Part B [60]
The answers to this part should not exceed 5 pages or 1200 words.
This is a case study based on a massive cyberattack that was conducted via a phishing campaign at Anthem in February 2015 in which 78.8 million records were exfiltrated. Anthem is the second largest health insurance provider in United States. Read the article “A new In-Depth Analysis of Anthem Breach” located here (https://www.bankinfosecurity.com/new-in-depth-analysis-anthem-breach-a-9627.) and then answer the questions below. You may need to conduct some more research in order to address the questions comprehensively.
Determine the fundamental challenges that organizations face in general in regard to protecting organizational assets and information.
Explain how this cyberattack happened.
Determine the main actions that Anthem took after the breach occurred including costs, as well as the specific security enhancements that were implemented to minimize the chances of such an incident occurring in future.
Discuss the lessons that were learned from this incident.
Give your opinion as to whether or not the attack was mainly due to the poor security management or the inability of management to act accordingly or both. Justify your answer.
