Quiz D-SF-A-24: Dell-EMC Dell Security Foundations Achievement

Topic 1, Case Study Scenario
Overview
It is recommended that you read through the case study before answering any questions. You can
always return to the case study while viewing any of the twenty questions.
Introduction
As the threat landscape has grown over past years and continues to evolve unpredictably, cyber-
attacks on organizations are now unavoidable. Security is no longer about averting attacks; it is all
about preparing for them.
In recent years, large corporate data breaches have impacted millions of customers and revealed
personal information that can be used in follow-on crimes. The longer a cyber-attack goes unnoticed,
the more damage it does to the business and the more money and time it will cost to recover.
Hackers steal financial, medical, and other sensitive information to sell online or use in cybercrimes.
This unpredictable security threat landscape has resulted in a challenging scenario for all
organizations.


Business Description


Tap the image to zoom
A .R.T.I.E. is a midsize social media company whose key customers are 18- to 28-year-olds. Using the
organization's platform, customers can share content such as photos, videos and post status updates
and views. The organization has a in-built messenger app that helps users to interact. The platform
also has an option to make in-app purchases and play games with other users.
One key characteristic of A .R.T.I.E. is that it supports social influencers and has attracted large firms
as advertisers.
With 450 employees, who work from different locations, the main goal of A .R.T.I.E. is to provide high
quality of services to a user base of 15K individuals and associates. The employees have access to the
apps, platform, data, and systems through an internal network that uses a virtual private network
(VPN) to secure access from remote locations.


Business Problem


Tap the image to zoom
Senior management of A .R.T.I.E. expects the core business to continue to grow rapidly due to an
increase in user traffic and increased demand of its advertising platform especially by big
organizations.
Based on their current business-critical needs for their solutions and client base, the organization is
planning to move towards a global operational geography and have migrated some of its key
applications to the public cloud. Deployment of the applications to the public cloud provides:
. Ability to scale.
. Higher data transfer speeds and more efficient access management.
. Faster time-to-market and better control of IT costs.
However, with progress comes new challenges as public cloud environments broaden the attack
surface from which attackers can try to gain unauthorized access to an organization's resources. A
.R.T.I.E. also must comply with various regulations and cloud security controls and have to come up
with holistic security capabilities that ensure security across the organization, core-to-edge-to-cloud.
Even though the IT team of the organization constantly monitor their IT environment and assets
along with watching for unauthorized profiles, information disclosure, fake accounts, and other
threats, the CIO of A.R.I.T.E. is aware that the nature of their business being an open platform makes
them a prime target for attackers and other cybercriminals.
Due to the growing business and untrained employees, the organization is constantly under the fear
of threat. This fear increased tenfold when they had discovered two back-to-back cyberattacks
resulting in unauthorized access to databases containing user information.
In the first attack, the attackers performed data theft techniques to exfiltrate vulnerable information
and held internal systems for ransom. This incident led to the company negotiating a ransom
payment to recover dat
a. Also, an unexplained surge in requests to a single webpage occurred along with unusual network
traffic patterns which indicated a second attack. These attacks were concerning not only for the
financial impact but also for the amount of data exposed.
Requirements
The key requirements to address the primary challenges to the business includes:
. Understanding the cyber threat landscape specific to the organizational risk tolerance.
. Secure migration of applications to the public cloud.
. Implement a suitable security framework to tackle current and emerging threats.
. Identify possible vulnerabilities and threats.
. Create an incident management plan based on knowledge, experience, and real-time information
to prevent future attacks.
. Learn about the tools and technologies used to avert the attacks and determine which tools will be
appropriate for them.
. Take measures to implement secure solutions and control: Zero Trust, Security hardening, IAM
techniques.


Dell Services Team


Tap the image to zoom
To improve the overall cyber security posture and implement better security policies as the company
grows, A .R.T.I.E. contacted Dell Services.
Dell clients use their services and solutions to collectively monitor thousands of devices, systems,
and applications. Some clients have a significant workforce with minimal IT knowledge, which opens
greater security risks and technological gaps.
Strategic advisory team
. Commonly known as the core security team which has a global presence.
. Helps organizations to evaluate and gauge their exposure to cybersecurity risk.
. Supports various organizations in developing a vision and strategy for handling cyberattacks.
. Provides advice on the implementation of standard cybersecurity frameworks.
Ethical hackers
. Works within the defined boundaries to legally infiltrate the organization's network environment
with their permission.
. Exposes vulnerabilities in customers IT systems.
Threat intelligence and incident management team
. The team help to keep the organization apprised of the latest developments in the security
landscape.
. The cyber security intelligence team investigates methodologies and technologies to help
organizations detect, understand, and deflect advanced cybersecurity threats and attacks on their IT
infrastructure, and in the cloud.
. The incident management team helps consider what they would do when under attack. The team
may simulate an attack to ensure that non-technical staff members know how to respond.
. The simulated attack is managed by the incident management team. This team also helps to
prevent future attacks based on the information gathered.
Identity and Access Management team
. Reviews and accesses the access rights for each member and user.
. During their analysis the Dell cyber team did a thorough analysis to help create a secure
environment for A .R.T.I.E. and mitigate potential attacks.
Outcomes
With the rapid and thorough analysis of security events originating from both internal and external
sources to A .R.T.I.E. complete, the Dell Services team could detect anomalies, uncover advanced
threats and remove false positives. The Threat Intelligence team was also able to provide a list of
potentially malicious IP addresses, malware, and threat actors.
Along with this, the team also implemented methods that helped determine what is being attacked
and how to stop an attack providing A .R.T.I.E. with real time threat detection mechanisms,
knowledge on cyber security. The common outcomes after implementation of the Dell
recommendations were:
. Prioritization of threat and impact - Determine threat intelligence, vulnerability status and network
communications to evaluate accurate vulnerability risk.
. Secure workforce and educate employees about best practices to be adopted to mitigate attacks,
security frameworks and policies.
. Implementation of incident management plan and build an organization-wide security strategy to
avert future attacks.
. Identification of at-risk users and authorized users, account takeover, disgruntled employees,
malware actions.
. Streamlining of security solutions while reducing operational costs and staffing requirements.
. Increased effectiveness to address the continual growth of IT environments, along with the sharp
rise in the number of threats and attacks.
The objective was to consolidate data from the organization's multiple sources such as: networks,
servers, databases, applications, and so on; thus, supports centralized monitoring.

Topic 1, Case Study Scenario
Overview
It is recommended that you read through the case study before answering any questions. You can
always return to the case study while viewing any of the twenty questions.
Introduction
As the threat landscape has grown over past years and continues to evolve unpredictably, cyber-
attacks on organizations are now unavoidable. Security is no longer about averting attacks; it is all
about preparing for them.
In recent years, large corporate data breaches have impacted millions of customers and revealed
personal information that can be used in follow-on crimes. The longer a cyber-attack goes unnoticed,
the more damage it does to the business and the more money and time it will cost to recover.
Hackers steal financial, medical, and other sensitive information to sell online or use in cybercrimes.
This unpredictable security threat landscape has resulted in a challenging scenario for all
organizations.


Business Description


Tap the image to zoom
A .R.T.I.E. is a midsize social media company whose key customers are 18- to 28-year-olds. Using the
organization's platform, customers can share content such as photos, videos and post status updates
and views. The organization has a in-built messenger app that helps users to interact. The platform
also has an option to make in-app purchases and play games with other users.
One key characteristic of A .R.T.I.E. is that it supports social influencers and has attracted large firms
as advertisers.
With 450 employees, who work from different locations, the main goal of A .R.T.I.E. is to provide high
quality of services to a user base of 15K individuals and associates. The employees have access to the
apps, platform, data, and systems through an internal network that uses a virtual private network
(VPN) to secure access from remote locations.


Business Problem


Tap the image to zoom
Senior management of A .R.T.I.E. expects the core business to continue to grow rapidly due to an
increase in user traffic and increased demand of its advertising platform especially by big
organizations.
Based on their current business-critical needs for their solutions and client base, the organization is
planning to move towards a global operational geography and have migrated some of its key
applications to the public cloud. Deployment of the applications to the public cloud provides:
. Ability to scale.
. Higher data transfer speeds and more efficient access management.
. Faster time-to-market and better control of IT costs.
However, with progress comes new challenges as public cloud environments broaden the attack
surface from which attackers can try to gain unauthorized access to an organization's resources. A
.R.T.I.E. also must comply with various regulations and cloud security controls and have to come up
with holistic security capabilities that ensure security across the organization, core-to-edge-to-cloud.
Even though the IT team of the organization constantly monitor their IT environment and assets
along with watching for unauthorized profiles, information disclosure, fake accounts, and other
threats, the CIO of A.R.I.T.E. is aware that the nature of their business being an open platform makes
them a prime target for attackers and other cybercriminals.
Due to the growing business and untrained employees, the organization is constantly under the fear
of threat. This fear increased tenfold when they had discovered two back-to-back cyberattacks
resulting in unauthorized access to databases containing user information.
In the first attack, the attackers performed data theft techniques to exfiltrate vulnerable information
and held internal systems for ransom. This incident led to the company negotiating a ransom
payment to recover dat
a. Also, an unexplained surge in requests to a single webpage occurred along with unusual network
traffic patterns which indicated a second attack. These attacks were concerning not only for the
financial impact but also for the amount of data exposed.
Requirements
The key requirements to address the primary challenges to the business includes:
. Understanding the cyber threat landscape specific to the organizational risk tolerance.
. Secure migration of applications to the public cloud.
. Implement a suitable security framework to tackle current and emerging threats.
. Identify possible vulnerabilities and threats.
. Create an incident management plan based on knowledge, experience, and real-time information
to prevent future attacks.
. Learn about the tools and technologies used to avert the attacks and determine which tools will be
appropriate for them.
. Take measures to implement secure solutions and control: Zero Trust, Security hardening, IAM
techniques.


Dell Services Team


Tap the image to zoom
To improve the overall cyber security posture and implement better security policies as the company
grows, A .R.T.I.E. contacted Dell Services.
Dell clients use their services and solutions to collectively monitor thousands of devices, systems,
and applications. Some clients have a significant workforce with minimal IT knowledge, which opens
greater security risks and technological gaps.
Strategic advisory team
. Commonly known as the core security team which has a global presence.
. Helps organizations to evaluate and gauge their exposure to cybersecurity risk.
. Supports various organizations in developing a vision and strategy for handling cyberattacks.
. Provides advice on the implementation of standard cybersecurity frameworks.
Ethical hackers
. Works within the defined boundaries to legally infiltrate the organization's network environment
with their permission.
. Exposes vulnerabilities in customers IT systems.
Threat intelligence and incident management team
. The team help to keep the organization apprised of the latest developments in the security
landscape.
. The cyber security intelligence team investigates methodologies and technologies to help
organizations detect, understand, and deflect advanced cybersecurity threats and attacks on their IT
infrastructure, and in the cloud.
. The incident management team helps consider what they would do when under attack. The team
may simulate an attack to ensure that non-technical staff members know how to respond.
. The simulated attack is managed by the incident management team. This team also helps to
prevent future attacks based on the information gathered.
Identity and Access Management team
. Reviews and accesses the access rights for each member and user.
. During their analysis the Dell cyber team did a thorough analysis to help create a secure
environment for A .R.T.I.E. and mitigate potential attacks.
Outcomes
With the rapid and thorough analysis of security events originating from both internal and external
sources to A .R.T.I.E. complete, the Dell Services team could detect anomalies, uncover advanced
threats and remove false positives. The Threat Intelligence team was also able to provide a list of
potentially malicious IP addresses, malware, and threat actors.
Along with this, the team also implemented methods that helped determine what is being attacked
and how to stop an attack providing A .R.T.I.E. with real time threat detection mechanisms,
knowledge on cyber security. The common outcomes after implementation of the Dell
recommendations were:
. Prioritization of threat and impact - Determine threat intelligence, vulnerability status and network
communications to evaluate accurate vulnerability risk.
. Secure workforce and educate employees about best practices to be adopted to mitigate attacks,
security frameworks and policies.
. Implementation of incident management plan and build an organization-wide security strategy to
avert future attacks.
. Identification of at-risk users and authorized users, account takeover, disgruntled employees,
malware actions.
. Streamlining of security solutions while reducing operational costs and staffing requirements.
. Increased effectiveness to address the continual growth of IT environments, along with the sharp
rise in the number of threats and attacks.
The objective was to consolidate data from the organization's multiple sources such as: networks,
servers, databases, applications, and so on; thus, supports centralized monitoring.

Topic 1, Case Study Scenario
Overview
It is recommended that you read through the case study before answering any questions. You can
always return to the case study while viewing any of the twenty questions.
Introduction
As the threat landscape has grown over past years and continues to evolve unpredictably, cyber-
attacks on organizations are now unavoidable. Security is no longer about averting attacks; it is all
about preparing for them.
In recent years, large corporate data breaches have impacted millions of customers and revealed
personal information that can be used in follow-on crimes. The longer a cyber-attack goes unnoticed,
the more damage it does to the business and the more money and time it will cost to recover.
Hackers steal financial, medical, and other sensitive information to sell online or use in cybercrimes.
This unpredictable security threat landscape has resulted in a challenging scenario for all
organizations.


Business Description


Tap the image to zoom
A .R.T.I.E. is a midsize social media company whose key customers are 18- to 28-year-olds. Using the
organization's platform, customers can share content such as photos, videos and post status updates
and views. The organization has a in-built messenger app that helps users to interact. The platform
also has an option to make in-app purchases and play games with other users.
One key characteristic of A .R.T.I.E. is that it supports social influencers and has attracted large firms
as advertisers.
With 450 employees, who work from different locations, the main goal of A .R.T.I.E. is to provide high
quality of services to a user base of 15K individuals and associates. The employees have access to the
apps, platform, data, and systems through an internal network that uses a virtual private network
(VPN) to secure access from remote locations.


Business Problem


Tap the image to zoom
Senior management of A .R.T.I.E. expects the core business to continue to grow rapidly due to an
increase in user traffic and increased demand of its advertising platform especially by big
organizations.
Based on their current business-critical needs for their solutions and client base, the organization is
planning to move towards a global operational geography and have migrated some of its key
applications to the public cloud. Deployment of the applications to the public cloud provides:
. Ability to scale.
. Higher data transfer speeds and more efficient access management.
. Faster time-to-market and better control of IT costs.
However, with progress comes new challenges as public cloud environments broaden the attack
surface from which attackers can try to gain unauthorized access to an organization's resources. A
.R.T.I.E. also must comply with various regulations and cloud security controls and have to come up
with holistic security capabilities that ensure security across the organization, core-to-edge-to-cloud.
Even though the IT team of the organization constantly monitor their IT environment and assets
along with watching for unauthorized profiles, information disclosure, fake accounts, and other
threats, the CIO of A.R.I.T.E. is aware that the nature of their business being an open platform makes
them a prime target for attackers and other cybercriminals.
Due to the growing business and untrained employees, the organization is constantly under the fear
of threat. This fear increased tenfold when they had discovered two back-to-back cyberattacks
resulting in unauthorized access to databases containing user information.
In the first attack, the attackers performed data theft techniques to exfiltrate vulnerable information
and held internal systems for ransom. This incident led to the company negotiating a ransom
payment to recover dat
a. Also, an unexplained surge in requests to a single webpage occurred along with unusual network
traffic patterns which indicated a second attack. These attacks were concerning not only for the
financial impact but also for the amount of data exposed.
Requirements
The key requirements to address the primary challenges to the business includes:
. Understanding the cyber threat landscape specific to the organizational risk tolerance.
. Secure migration of applications to the public cloud.
. Implement a suitable security framework to tackle current and emerging threats.
. Identify possible vulnerabilities and threats.
. Create an incident management plan based on knowledge, experience, and real-time information
to prevent future attacks.
. Learn about the tools and technologies used to avert the attacks and determine which tools will be
appropriate for them.
. Take measures to implement secure solutions and control: Zero Trust, Security hardening, IAM
techniques.


Dell Services Team


Tap the image to zoom
To improve the overall cyber security posture and implement better security policies as the company
grows, A .R.T.I.E. contacted Dell Services.
Dell clients use their services and solutions to collectively monitor thousands of devices, systems,
and applications. Some clients have a significant workforce with minimal IT knowledge, which opens
greater security risks and technological gaps.
Strategic advisory team
. Commonly known as the core security team which has a global presence.
. Helps organizations to evaluate and gauge their exposure to cybersecurity risk.
. Supports various organizations in developing a vision and strategy for handling cyberattacks.
. Provides advice on the implementation of standard cybersecurity frameworks.
Ethical hackers
. Works within the defined boundaries to legally infiltrate the organization's network environment
with their permission.
. Exposes vulnerabilities in customers IT systems.
Threat intelligence and incident management team
. The team help to keep the organization apprised of the latest developments in the security
landscape.
. The cyber security intelligence team investigates methodologies and technologies to help
organizations detect, understand, and deflect advanced cybersecurity threats and attacks on their IT
infrastructure, and in the cloud.
. The incident management team helps consider what they would do when under attack. The team
may simulate an attack to ensure that non-technical staff members know how to respond.
. The simulated attack is managed by the incident management team. This team also helps to
prevent future attacks based on the information gathered.
Identity and Access Management team
. Reviews and accesses the access rights for each member and user.
. During their analysis the Dell cyber team did a thorough analysis to help create a secure
environment for A .R.T.I.E. and mitigate potential attacks.
Outcomes
With the rapid and thorough analysis of security events originating from both internal and external
sources to A .R.T.I.E. complete, the Dell Services team could detect anomalies, uncover advanced
threats and remove false positives. The Threat Intelligence team was also able to provide a list of
potentially malicious IP addresses, malware, and threat actors.
Along with this, the team also implemented methods that helped determine what is being attacked
and how to stop an attack providing A .R.T.I.E. with real time threat detection mechanisms,
knowledge on cyber security. The common outcomes after implementation of the Dell
recommendations were:
. Prioritization of threat and impact - Determine threat intelligence, vulnerability status and network
communications to evaluate accurate vulnerability risk.
. Secure workforce and educate employees about best practices to be adopted to mitigate attacks,
security frameworks and policies.
. Implementation of incident management plan and build an organization-wide security strategy to
avert future attacks.
. Identification of at-risk users and authorized users, account takeover, disgruntled employees,
malware actions.
. Streamlining of security solutions while reducing operational costs and staffing requirements.
. Increased effectiveness to address the continual growth of IT environments, along with the sharp
rise in the number of threats and attacks.
The objective was to consolidate data from the organization's multiple sources such as: networks,
servers, databases, applications, and so on; thus, supports centralized monitoring.

Topic 1, Case Study Scenario
Overview
It is recommended that you read through the case study before answering any questions. You can
always return to the case study while viewing any of the twenty questions.
Introduction
As the threat landscape has grown over past years and continues to evolve unpredictably, cyber-
attacks on organizations are now unavoidable. Security is no longer about averting attacks; it is all
about preparing for them.
In recent years, large corporate data breaches have impacted millions of customers and revealed
personal information that can be used in follow-on crimes. The longer a cyber-attack goes unnoticed,
the more damage it does to the business and the more money and time it will cost to recover.
Hackers steal financial, medical, and other sensitive information to sell online or use in cybercrimes.
This unpredictable security threat landscape has resulted in a challenging scenario for all
organizations.


Business Description


Tap the image to zoom
A .R.T.I.E. is a midsize social media company whose key customers are 18- to 28-year-olds. Using the
organization's platform, customers can share content such as photos, videos and post status updates
and views. The organization has a in-built messenger app that helps users to interact. The platform
also has an option to make in-app purchases and play games with other users.
One key characteristic of A .R.T.I.E. is that it supports social influencers and has attracted large firms
as advertisers.
With 450 employees, who work from different locations, the main goal of A .R.T.I.E. is to provide high
quality of services to a user base of 15K individuals and associates. The employees have access to the
apps, platform, data, and systems through an internal network that uses a virtual private network
(VPN) to secure access from remote locations.


Business Problem


Tap the image to zoom
Senior management of A .R.T.I.E. expects the core business to continue to grow rapidly due to an
increase in user traffic and increased demand of its advertising platform especially by big
organizations.
Based on their current business-critical needs for their solutions and client base, the organization is
planning to move towards a global operational geography and have migrated some of its key
applications to the public cloud. Deployment of the applications to the public cloud provides:
. Ability to scale.
. Higher data transfer speeds and more efficient access management.
. Faster time-to-market and better control of IT costs.
However, with progress comes new challenges as public cloud environments broaden the attack
surface from which attackers can try to gain unauthorized access to an organization's resources. A
.R.T.I.E. also must comply with various regulations and cloud security controls and have to come up
with holistic security capabilities that ensure security across the organization, core-to-edge-to-cloud.
Even though the IT team of the organization constantly monitor their IT environment and assets
along with watching for unauthorized profiles, information disclosure, fake accounts, and other
threats, the CIO of A.R.I.T.E. is aware that the nature of their business being an open platform makes
them a prime target for attackers and other cybercriminals.
Due to the growing business and untrained employees, the organization is constantly under the fear
of threat. This fear increased tenfold when they had discovered two back-to-back cyberattacks
resulting in unauthorized access to databases containing user information.
In the first attack, the attackers performed data theft techniques to exfiltrate vulnerable information
and held internal systems for ransom. This incident led to the company negotiating a ransom
payment to recover dat
a. Also, an unexplained surge in requests to a single webpage occurred along with unusual network
traffic patterns which indicated a second attack. These attacks were concerning not only for the
financial impact but also for the amount of data exposed.
Requirements
The key requirements to address the primary challenges to the business includes:
. Understanding the cyber threat landscape specific to the organizational risk tolerance.
. Secure migration of applications to the public cloud.
. Implement a suitable security framework to tackle current and emerging threats.
. Identify possible vulnerabilities and threats.
. Create an incident management plan based on knowledge, experience, and real-time information
to prevent future attacks.
. Learn about the tools and technologies used to avert the attacks and determine which tools will be
appropriate for them.
. Take measures to implement secure solutions and control: Zero Trust, Security hardening, IAM
techniques.


Dell Services Team


Tap the image to zoom
To improve the overall cyber security posture and implement better security policies as the company
grows, A .R.T.I.E. contacted Dell Services.
Dell clients use their services and solutions to collectively monitor thousands of devices, systems,
and applications. Some clients have a significant workforce with minimal IT knowledge, which opens
greater security risks and technological gaps.
Strategic advisory team
. Commonly known as the core security team which has a global presence.
. Helps organizations to evaluate and gauge their exposure to cybersecurity risk.
. Supports various organizations in developing a vision and strategy for handling cyberattacks.
. Provides advice on the implementation of standard cybersecurity frameworks.
Ethical hackers
. Works within the defined boundaries to legally infiltrate the organization's network environment
with their permission.
. Exposes vulnerabilities in customers IT systems.
Threat intelligence and incident management team
. The team help to keep the organization apprised of the latest developments in the security
landscape.
. The cyber security intelligence team investigates methodologies and technologies to help
organizations detect, understand, and deflect advanced cybersecurity threats and attacks on their IT
infrastructure, and in the cloud.
. The incident management team helps consider what they would do when under attack. The team
may simulate an attack to ensure that non-technical staff members know how to respond.
. The simulated attack is managed by the incident management team. This team also helps to
prevent future attacks based on the information gathered.
Identity and Access Management team
. Reviews and accesses the access rights for each member and user.
. During their analysis the Dell cyber team did a thorough analysis to help create a secure
environment for A .R.T.I.E. and mitigate potential attacks.
Outcomes
With the rapid and thorough analysis of security events originating from both internal and external
sources to A .R.T.I.E. complete, the Dell Services team could detect anomalies, uncover advanced
threats and remove false positives. The Threat Intelligence team was also able to provide a list of
potentially malicious IP addresses, malware, and threat actors.
Along with this, the team also implemented methods that helped determine what is being attacked
and how to stop an attack providing A .R.T.I.E. with real time threat detection mechanisms,
knowledge on cyber security. The common outcomes after implementation of the Dell
recommendations were:
. Prioritization of threat and impact - Determine threat intelligence, vulnerability status and network
communications to evaluate accurate vulnerability risk.
. Secure workforce and educate employees about best practices to be adopted to mitigate attacks,
security frameworks and policies.
. Implementation of incident management plan and build an organization-wide security strategy to
avert future attacks.
. Identification of at-risk users and authorized users, account takeover, disgruntled employees,
malware actions.
. Streamlining of security solutions while reducing operational costs and staffing requirements.
. Increased effectiveness to address the continual growth of IT environments, along with the sharp
rise in the number of threats and attacks.
The objective was to consolidate data from the organization's multiple sources such as: networks,
servers, databases, applications, and so on; thus, supports centralized monitoring.

Topic 1, Case Study Scenario
Overview
It is recommended that you read through the case study before answering any questions. You can
always return to the case study while viewing any of the twenty questions.
Introduction
As the threat landscape has grown over past years and continues to evolve unpredictably, cyber-
attacks on organizations are now unavoidable. Security is no longer about averting attacks; it is all
about preparing for them.
In recent years, large corporate data breaches have impacted millions of customers and revealed
personal information that can be used in follow-on crimes. The longer a cyber-attack goes unnoticed,
the more damage it does to the business and the more money and time it will cost to recover.
Hackers steal financial, medical, and other sensitive information to sell online or use in cybercrimes.
This unpredictable security threat landscape has resulted in a challenging scenario for all
organizations.


Business Description


Tap the image to zoom
A .R.T.I.E. is a midsize social media company whose key customers are 18- to 28-year-olds. Using the
organization's platform, customers can share content such as photos, videos and post status updates
and views. The organization has a in-built messenger app that helps users to interact. The platform
also has an option to make in-app purchases and play games with other users.
One key characteristic of A .R.T.I.E. is that it supports social influencers and has attracted large firms
as advertisers.
With 450 employees, who work from different locations, the main goal of A .R.T.I.E. is to provide high
quality of services to a user base of 15K individuals and associates. The employees have access to the
apps, platform, data, and systems through an internal network that uses a virtual private network
(VPN) to secure access from remote locations.


Business Problem


Tap the image to zoom
Senior management of A .R.T.I.E. expects the core business to continue to grow rapidly due to an
increase in user traffic and increased demand of its advertising platform especially by big
organizations.
Based on their current business-critical needs for their solutions and client base, the organization is
planning to move towards a global operational geography and have migrated some of its key
applications to the public cloud. Deployment of the applications to the public cloud provides:
. Ability to scale.
. Higher data transfer speeds and more efficient access management.
. Faster time-to-market and better control of IT costs.
However, with progress comes new challenges as public cloud environments broaden the attack
surface from which attackers can try to gain unauthorized access to an organization's resources. A
.R.T.I.E. also must comply with various regulations and cloud security controls and have to come up
with holistic security capabilities that ensure security across the organization, core-to-edge-to-cloud.
Even though the IT team of the organization constantly monitor their IT environment and assets
along with watching for unauthorized profiles, information disclosure, fake accounts, and other
threats, the CIO of A.R.I.T.E. is aware that the nature of their business being an open platform makes
them a prime target for attackers and other cybercriminals.
Due to the growing business and untrained employees, the organization is constantly under the fear
of threat. This fear increased tenfold when they had discovered two back-to-back cyberattacks
resulting in unauthorized access to databases containing user information.
In the first attack, the attackers performed data theft techniques to exfiltrate vulnerable information
and held internal systems for ransom. This incident led to the company negotiating a ransom
payment to recover dat
a. Also, an unexplained surge in requests to a single webpage occurred along with unusual network
traffic patterns which indicated a second attack. These attacks were concerning not only for the
financial impact but also for the amount of data exposed.
Requirements
The key requirements to address the primary challenges to the business includes:
. Understanding the cyber threat landscape specific to the organizational risk tolerance.
. Secure migration of applications to the public cloud.
. Implement a suitable security framework to tackle current and emerging threats.
. Identify possible vulnerabilities and threats.
. Create an incident management plan based on knowledge, experience, and real-time information
to prevent future attacks.
. Learn about the tools and technologies used to avert the attacks and determine which tools will be
appropriate for them.
. Take measures to implement secure solutions and control: Zero Trust, Security hardening, IAM
techniques.


Dell Services Team


Tap the image to zoom
To improve the overall cyber security posture and implement better security policies as the company
grows, A .R.T.I.E. contacted Dell Services.
Dell clients use their services and solutions to collectively monitor thousands of devices, systems,
and applications. Some clients have a significant workforce with minimal IT knowledge, which opens
greater security risks and technological gaps.
Strategic advisory team
. Commonly known as the core security team which has a global presence.
. Helps organizations to evaluate and gauge their exposure to cybersecurity risk.
. Supports various organizations in developing a vision and strategy for handling cyberattacks.
. Provides advice on the implementation of standard cybersecurity frameworks.
Ethical hackers
. Works within the defined boundaries to legally infiltrate the organization's network environment
with their permission.
. Exposes vulnerabilities in customers IT systems.
Threat intelligence and incident management team
. The team help to keep the organization apprised of the latest developments in the security
landscape.
. The cyber security intelligence team investigates methodologies and technologies to help
organizations detect, understand, and deflect advanced cybersecurity threats and attacks on their IT
infrastructure, and in the cloud.
. The incident management team helps consider what they would do when under attack. The team
may simulate an attack to ensure that non-technical staff members know how to respond.
. The simulated attack is managed by the incident management team. This team also helps to
prevent future attacks based on the information gathered.
Identity and Access Management team
. Reviews and accesses the access rights for each member and user.
. During their analysis the Dell cyber team did a thorough analysis to help create a secure
environment for A .R.T.I.E. and mitigate potential attacks.
Outcomes
With the rapid and thorough analysis of security events originating from both internal and external
sources to A .R.T.I.E. complete, the Dell Services team could detect anomalies, uncover advanced
threats and remove false positives. The Threat Intelligence team was also able to provide a list of
potentially malicious IP addresses, malware, and threat actors.
Along with this, the team also implemented methods that helped determine what is being attacked
and how to stop an attack providing A .R.T.I.E. with real time threat detection mechanisms,
knowledge on cyber security. The common outcomes after implementation of the Dell
recommendations were:
. Prioritization of threat and impact - Determine threat intelligence, vulnerability status and network
communications to evaluate accurate vulnerability risk.
. Secure workforce and educate employees about best practices to be adopted to mitigate attacks,
security frameworks and policies.
. Implementation of incident management plan and build an organization-wide security strategy to
avert future attacks.
. Identification of at-risk users and authorized users, account takeover, disgruntled employees,
malware actions.
. Streamlining of security solutions while reducing operational costs and staffing requirements.
. Increased effectiveness to address the continual growth of IT environments, along with the sharp
rise in the number of threats and attacks.
The objective was to consolidate data from the organization's multiple sources such as: networks,
servers, databases, applications, and so on; thus, supports centralized monitoring.

Topic 1, Case Study Scenario
Overview
It is recommended that you read through the case study before answering any questions. You can
always return to the case study while viewing any of the twenty questions.
Introduction
As the threat landscape has grown over past years and continues to evolve unpredictably, cyber-
attacks on organizations are now unavoidable. Security is no longer about averting attacks; it is all
about preparing for them.
In recent years, large corporate data breaches have impacted millions of customers and revealed
personal information that can be used in follow-on crimes. The longer a cyber-attack goes unnoticed,
the more damage it does to the business and the more money and time it will cost to recover.
Hackers steal financial, medical, and other sensitive information to sell online or use in cybercrimes.
This unpredictable security threat landscape has resulted in a challenging scenario for all
organizations.


Business Description


Tap the image to zoom
A .R.T.I.E. is a midsize social media company whose key customers are 18- to 28-year-olds. Using the
organization's platform, customers can share content such as photos, videos and post status updates
and views. The organization has a in-built messenger app that helps users to interact. The platform
also has an option to make in-app purchases and play games with other users.
One key characteristic of A .R.T.I.E. is that it supports social influencers and has attracted large firms
as advertisers.
With 450 employees, who work from different locations, the main goal of A .R.T.I.E. is to provide high
quality of services to a user base of 15K individuals and associates. The employees have access to the
apps, platform, data, and systems through an internal network that uses a virtual private network
(VPN) to secure access from remote locations.


Business Problem


Tap the image to zoom
Senior management of A .R.T.I.E. expects the core business to continue to grow rapidly due to an
increase in user traffic and increased demand of its advertising platform especially by big
organizations.
Based on their current business-critical needs for their solutions and client base, the organization is
planning to move towards a global operational geography and have migrated some of its key
applications to the public cloud. Deployment of the applications to the public cloud provides:
. Ability to scale.
. Higher data transfer speeds and more efficient access management.
. Faster time-to-market and better control of IT costs.
However, with progress comes new challenges as public cloud environments broaden the attack
surface from which attackers can try to gain unauthorized access to an organization's resources. A
.R.T.I.E. also must comply with various regulations and cloud security controls and have to come up
with holistic security capabilities that ensure security across the organization, core-to-edge-to-cloud.
Even though the IT team of the organization constantly monitor their IT environment and assets
along with watching for unauthorized profiles, information disclosure, fake accounts, and other
threats, the CIO of A.R.I.T.E. is aware that the nature of their business being an open platform makes
them a prime target for attackers and other cybercriminals.
Due to the growing business and untrained employees, the organization is constantly under the fear
of threat. This fear increased tenfold when they had discovered two back-to-back cyberattacks
resulting in unauthorized access to databases containing user information.
In the first attack, the attackers performed data theft techniques to exfiltrate vulnerable information
and held internal systems for ransom. This incident led to the company negotiating a ransom
payment to recover dat
a. Also, an unexplained surge in requests to a single webpage occurred along with unusual network
traffic patterns which indicated a second attack. These attacks were concerning not only for the
financial impact but also for the amount of data exposed.
Requirements
The key requirements to address the primary challenges to the business includes:
. Understanding the cyber threat landscape specific to the organizational risk tolerance.
. Secure migration of applications to the public cloud.
. Implement a suitable security framework to tackle current and emerging threats.
. Identify possible vulnerabilities and threats.
. Create an incident management plan based on knowledge, experience, and real-time information
to prevent future attacks.
. Learn about the tools and technologies used to avert the attacks and determine which tools will be
appropriate for them.
. Take measures to implement secure solutions and control: Zero Trust, Security hardening, IAM
techniques.


Dell Services Team


Tap the image to zoom
To improve the overall cyber security posture and implement better security policies as the company
grows, A .R.T.I.E. contacted Dell Services.
Dell clients use their services and solutions to collectively monitor thousands of devices, systems,
and applications. Some clients have a significant workforce with minimal IT knowledge, which opens
greater security risks and technological gaps.
Strategic advisory team
. Commonly known as the core security team which has a global presence.
. Helps organizations to evaluate and gauge their exposure to cybersecurity risk.
. Supports various organizations in developing a vision and strategy for handling cyberattacks.
. Provides advice on the implementation of standard cybersecurity frameworks.
Ethical hackers
. Works within the defined boundaries to legally infiltrate the organization's network environment
with their permission.
. Exposes vulnerabilities in customers IT systems.
Threat intelligence and incident management team
. The team help to keep the organization apprised of the latest developments in the security
landscape.
. The cyber security intelligence team investigates methodologies and technologies to help
organizations detect, understand, and deflect advanced cybersecurity threats and attacks on their IT
infrastructure, and in the cloud.
. The incident management team helps consider what they would do when under attack. The team
may simulate an attack to ensure that non-technical staff members know how to respond.
. The simulated attack is managed by the incident management team. This team also helps to
prevent future attacks based on the information gathered.
Identity and Access Management team
. Reviews and accesses the access rights for each member and user.
. During their analysis the Dell cyber team did a thorough analysis to help create a secure
environment for A .R.T.I.E. and mitigate potential attacks.
Outcomes
With the rapid and thorough analysis of security events originating from both internal and external
sources to A .R.T.I.E. complete, the Dell Services team could detect anomalies, uncover advanced
threats and remove false positives. The Threat Intelligence team was also able to provide a list of
potentially malicious IP addresses, malware, and threat actors.
Along with this, the team also implemented methods that helped determine what is being attacked
and how to stop an attack providing A .R.T.I.E. with real time threat detection mechanisms,
knowledge on cyber security. The common outcomes after implementation of the Dell
recommendations were:
. Prioritization of threat and impact - Determine threat intelligence, vulnerability status and network
communications to evaluate accurate vulnerability risk.
. Secure workforce and educate employees about best practices to be adopted to mitigate attacks,
security frameworks and policies.
. Implementation of incident management plan and build an organization-wide security strategy to
avert future attacks.
. Identification of at-risk users and authorized users, account takeover, disgruntled employees,
malware actions.
. Streamlining of security solutions while reducing operational costs and staffing requirements.
. Increased effectiveness to address the continual growth of IT environments, along with the sharp
rise in the number of threats and attacks.
The objective was to consolidate data from the organization's multiple sources such as: networks,
servers, databases, applications, and so on; thus, supports centralized monitoring.

Topic 1, Case Study Scenario
Overview
It is recommended that you read through the case study before answering any questions. You can
always return to the case study while viewing any of the twenty questions.
Introduction
As the threat landscape has grown over past years and continues to evolve unpredictably, cyber-
attacks on organizations are now unavoidable. Security is no longer about averting attacks; it is all
about preparing for them.
In recent years, large corporate data breaches have impacted millions of customers and revealed
personal information that can be used in follow-on crimes. The longer a cyber-attack goes unnoticed,
the more damage it does to the business and the more money and time it will cost to recover.
Hackers steal financial, medical, and other sensitive information to sell online or use in cybercrimes.
This unpredictable security threat landscape has resulted in a challenging scenario for all
organizations.


Business Description


Tap the image to zoom
A .R.T.I.E. is a midsize social media company whose key customers are 18- to 28-year-olds. Using the
organization's platform, customers can share content such as photos, videos and post status updates
and views. The organization has a in-built messenger app that helps users to interact. The platform
also has an option to make in-app purchases and play games with other users.
One key characteristic of A .R.T.I.E. is that it supports social influencers and has attracted large firms
as advertisers.
With 450 employees, who work from different locations, the main goal of A .R.T.I.E. is to provide high
quality of services to a user base of 15K individuals and associates. The employees have access to the
apps, platform, data, and systems through an internal network that uses a virtual private network
(VPN) to secure access from remote locations.


Business Problem


Tap the image to zoom
Senior management of A .R.T.I.E. expects the core business to continue to grow rapidly due to an
increase in user traffic and increased demand of its advertising platform especially by big
organizations.
Based on their current business-critical needs for their solutions and client base, the organization is
planning to move towards a global operational geography and have migrated some of its key
applications to the public cloud. Deployment of the applications to the public cloud provides:
. Ability to scale.
. Higher data transfer speeds and more efficient access management.
. Faster time-to-market and better control of IT costs.
However, with progress comes new challenges as public cloud environments broaden the attack
surface from which attackers can try to gain unauthorized access to an organization's resources. A
.R.T.I.E. also must comply with various regulations and cloud security controls and have to come up
with holistic security capabilities that ensure security across the organization, core-to-edge-to-cloud.
Even though the IT team of the organization constantly monitor their IT environment and assets
along with watching for unauthorized profiles, information disclosure, fake accounts, and other
threats, the CIO of A.R.I.T.E. is aware that the nature of their business being an open platform makes
them a prime target for attackers and other cybercriminals.
Due to the growing business and untrained employees, the organization is constantly under the fear
of threat. This fear increased tenfold when they had discovered two back-to-back cyberattacks
resulting in unauthorized access to databases containing user information.
In the first attack, the attackers performed data theft techniques to exfiltrate vulnerable information
and held internal systems for ransom. This incident led to the company negotiating a ransom
payment to recover dat
a. Also, an unexplained surge in requests to a single webpage occurred along with unusual network
traffic patterns which indicated a second attack. These attacks were concerning not only for the
financial impact but also for the amount of data exposed.
Requirements
The key requirements to address the primary challenges to the business includes:
. Understanding the cyber threat landscape specific to the organizational risk tolerance.
. Secure migration of applications to the public cloud.
. Implement a suitable security framework to tackle current and emerging threats.
. Identify possible vulnerabilities and threats.
. Create an incident management plan based on knowledge, experience, and real-time information
to prevent future attacks.
. Learn about the tools and technologies used to avert the attacks and determine which tools will be
appropriate for them.
. Take measures to implement secure solutions and control: Zero Trust, Security hardening, IAM
techniques.


Dell Services Team


Tap the image to zoom
To improve the overall cyber security posture and implement better security policies as the company
grows, A .R.T.I.E. contacted Dell Services.
Dell clients use their services and solutions to collectively monitor thousands of devices, systems,
and applications. Some clients have a significant workforce with minimal IT knowledge, which opens
greater security risks and technological gaps.
Strategic advisory team
. Commonly known as the core security team which has a global presence.
. Helps organizations to evaluate and gauge their exposure to cybersecurity risk.
. Supports various organizations in developing a vision and strategy for handling cyberattacks.
. Provides advice on the implementation of standard cybersecurity frameworks.
Ethical hackers
. Works within the defined boundaries to legally infiltrate the organization's network environment
with their permission.
. Exposes vulnerabilities in customers IT systems.
Threat intelligence and incident management team
. The team help to keep the organization apprised of the latest developments in the security
landscape.
. The cyber security intelligence team investigates methodologies and technologies to help
organizations detect, understand, and deflect advanced cybersecurity threats and attacks on their IT
infrastructure, and in the cloud.
. The incident management team helps consider what they would do when under attack. The team
may simulate an attack to ensure that non-technical staff members know how to respond.
. The simulated attack is managed by the incident management team. This team also helps to
prevent future attacks based on the information gathered.
Identity and Access Management team
. Reviews and accesses the access rights for each member and user.
. During their analysis the Dell cyber team did a thorough analysis to help create a secure
environment for A .R.T.I.E. and mitigate potential attacks.
Outcomes
With the rapid and thorough analysis of security events originating from both internal and external
sources to A .R.T.I.E. complete, the Dell Services team could detect anomalies, uncover advanced
threats and remove false positives. The Threat Intelligence team was also able to provide a list of
potentially malicious IP addresses, malware, and threat actors.
Along with this, the team also implemented methods that helped determine what is being attacked
and how to stop an attack providing A .R.T.I.E. with real time threat detection mechanisms,
knowledge on cyber security. The common outcomes after implementation of the Dell
recommendations were:
. Prioritization of threat and impact - Determine threat intelligence, vulnerability status and network
communications to evaluate accurate vulnerability risk.
. Secure workforce and educate employees about best practices to be adopted to mitigate attacks,
security frameworks and policies.
. Implementation of incident management plan and build an organization-wide security strategy to
avert future attacks.
. Identification of at-risk users and authorized users, account takeover, disgruntled employees,
malware actions.
. Streamlining of security solutions while reducing operational costs and staffing requirements.
. Increased effectiveness to address the continual growth of IT environments, along with the sharp
rise in the number of threats and attacks.
The objective was to consolidate data from the organization's multiple sources such as: networks,
servers, databases, applications, and so on; thus, supports centralized monitoring.

Topic 1, Case Study Scenario
Overview
It is recommended that you read through the case study before answering any questions. You can
always return to the case study while viewing any of the twenty questions.
Introduction
As the threat landscape has grown over past years and continues to evolve unpredictably, cyber-
attacks on organizations are now unavoidable. Security is no longer about averting attacks; it is all
about preparing for them.
In recent years, large corporate data breaches have impacted millions of customers and revealed
personal information that can be used in follow-on crimes. The longer a cyber-attack goes unnoticed,
the more damage it does to the business and the more money and time it will cost to recover.
Hackers steal financial, medical, and other sensitive information to sell online or use in cybercrimes.
This unpredictable security threat landscape has resulted in a challenging scenario for all
organizations.


Business Description


Tap the image to zoom
A .R.T.I.E. is a midsize social media company whose key customers are 18- to 28-year-olds. Using the
organization's platform, customers can share content such as photos, videos and post status updates
and views. The organization has a in-built messenger app that helps users to interact. The platform
also has an option to make in-app purchases and play games with other users.
One key characteristic of A .R.T.I.E. is that it supports social influencers and has attracted large firms
as advertisers.
With 450 employees, who work from different locations, the main goal of A .R.T.I.E. is to provide high
quality of services to a user base of 15K individuals and associates. The employees have access to the
apps, platform, data, and systems through an internal network that uses a virtual private network
(VPN) to secure access from remote locations.


Business Problem


Tap the image to zoom
Senior management of A .R.T.I.E. expects the core business to continue to grow rapidly due to an
increase in user traffic and increased demand of its advertising platform especially by big
organizations.
Based on their current business-critical needs for their solutions and client base, the organization is
planning to move towards a global operational geography and have migrated some of its key
applications to the public cloud. Deployment of the applications to the public cloud provides:
. Ability to scale.
. Higher data transfer speeds and more efficient access management.
. Faster time-to-market and better control of IT costs.
However, with progress comes new challenges as public cloud environments broaden the attack
surface from which attackers can try to gain unauthorized access to an organization's resources. A
.R.T.I.E. also must comply with various regulations and cloud security controls and have to come up
with holistic security capabilities that ensure security across the organization, core-to-edge-to-cloud.
Even though the IT team of the organization constantly monitor their IT environment and assets
along with watching for unauthorized profiles, information disclosure, fake accounts, and other
threats, the CIO of A.R.I.T.E. is aware that the nature of their business being an open platform makes
them a prime target for attackers and other cybercriminals.
Due to the growing business and untrained employees, the organization is constantly under the fear
of threat. This fear increased tenfold when they had discovered two back-to-back cyberattacks
resulting in unauthorized access to databases containing user information.
In the first attack, the attackers performed data theft techniques to exfiltrate vulnerable information
and held internal systems for ransom. This incident led to the company negotiating a ransom
payment to recover dat
a. Also, an unexplained surge in requests to a single webpage occurred along with unusual network
traffic patterns which indicated a second attack. These attacks were concerning not only for the
financial impact but also for the amount of data exposed.
Requirements
The key requirements to address the primary challenges to the business includes:
. Understanding the cyber threat landscape specific to the organizational risk tolerance.
. Secure migration of applications to the public cloud.
. Implement a suitable security framework to tackle current and emerging threats.
. Identify possible vulnerabilities and threats.
. Create an incident management plan based on knowledge, experience, and real-time information
to prevent future attacks.
. Learn about the tools and technologies used to avert the attacks and determine which tools will be
appropriate for them.
. Take measures to implement secure solutions and control: Zero Trust, Security hardening, IAM
techniques.


Dell Services Team


Tap the image to zoom
To improve the overall cyber security posture and implement better security policies as the company
grows, A .R.T.I.E. contacted Dell Services.
Dell clients use their services and solutions to collectively monitor thousands of devices, systems,
and applications. Some clients have a significant workforce with minimal IT knowledge, which opens
greater security risks and technological gaps.
Strategic advisory team
. Commonly known as the core security team which has a global presence.
. Helps organizations to evaluate and gauge their exposure to cybersecurity risk.
. Supports various organizations in developing a vision and strategy for handling cyberattacks.
. Provides advice on the implementation of standard cybersecurity frameworks.
Ethical hackers
. Works within the defined boundaries to legally infiltrate the organization's network environment
with their permission.
. Exposes vulnerabilities in customers IT systems.
Threat intelligence and incident management team
. The team help to keep the organization apprised of the latest developments in the security
landscape.
. The cyber security intelligence team investigates methodologies and technologies to help
organizations detect, understand, and deflect advanced cybersecurity threats and attacks on their IT
infrastructure, and in the cloud.
. The incident management team helps consider what they would do when under attack. The team
may simulate an attack to ensure that non-technical staff members know how to respond.
. The simulated attack is managed by the incident management team. This team also helps to
prevent future attacks based on the information gathered.
Identity and Access Management team
. Reviews and accesses the access rights for each member and user.
. During their analysis the Dell cyber team did a thorough analysis to help create a secure
environment for A .R.T.I.E. and mitigate potential attacks.
Outcomes
With the rapid and thorough analysis of security events originating from both internal and external
sources to A .R.T.I.E. complete, the Dell Services team could detect anomalies, uncover advanced
threats and remove false positives. The Threat Intelligence team was also able to provide a list of
potentially malicious IP addresses, malware, and threat actors.
Along with this, the team also implemented methods that helped determine what is being attacked
and how to stop an attack providing A .R.T.I.E. with real time threat detection mechanisms,
knowledge on cyber security. The common outcomes after implementation of the Dell
recommendations were:
. Prioritization of threat and impact - Determine threat intelligence, vulnerability status and network
communications to evaluate accurate vulnerability risk.
. Secure workforce and educate employees about best practices to be adopted to mitigate attacks,
security frameworks and policies.
. Implementation of incident management plan and build an organization-wide security strategy to
avert future attacks.
. Identification of at-risk users and authorized users, account takeover, disgruntled employees,
malware actions.
. Streamlining of security solutions while reducing operational costs and staffing requirements.
. Increased effectiveness to address the continual growth of IT environments, along with the sharp
rise in the number of threats and attacks.
The objective was to consolidate data from the organization's multiple sources such as: networks,
servers, databases, applications, and so on; thus, supports centralized monitoring.

Topic 1, Case Study Scenario
Overview
It is recommended that you read through the case study before answering any questions. You can
always return to the case study while viewing any of the twenty questions.
Introduction
As the threat landscape has grown over past years and continues to evolve unpredictably, cyber-
attacks on organizations are now unavoidable. Security is no longer about averting attacks; it is all
about preparing for them.
In recent years, large corporate data breaches have impacted millions of customers and revealed
personal information that can be used in follow-on crimes. The longer a cyber-attack goes unnoticed,
the more damage it does to the business and the more money and time it will cost to recover.
Hackers steal financial, medical, and other sensitive information to sell online or use in cybercrimes.
This unpredictable security threat landscape has resulted in a challenging scenario for all
organizations.


Business Description


Tap the image to zoom
A .R.T.I.E. is a midsize social media company whose key customers are 18- to 28-year-olds. Using the
organization's platform, customers can share content such as photos, videos and post status updates
and views. The organization has a in-built messenger app that helps users to interact. The platform
also has an option to make in-app purchases and play games with other users.
One key characteristic of A .R.T.I.E. is that it supports social influencers and has attracted large firms
as advertisers.
With 450 employees, who work from different locations, the main goal of A .R.T.I.E. is to provide high
quality of services to a user base of 15K individuals and associates. The employees have access to the
apps, platform, data, and systems through an internal network that uses a virtual private network
(VPN) to secure access from remote locations.


Business Problem


Tap the image to zoom
Senior management of A .R.T.I.E. expects the core business to continue to grow rapidly due to an
increase in user traffic and increased demand of its advertising platform especially by big
organizations.
Based on their current business-critical needs for their solutions and client base, the organization is
planning to move towards a global operational geography and have migrated some of its key
applications to the public cloud. Deployment of the applications to the public cloud provides:
. Ability to scale.
. Higher data transfer speeds and more efficient access management.
. Faster time-to-market and better control of IT costs.
However, with progress comes new challenges as public cloud environments broaden the attack
surface from which attackers can try to gain unauthorized access to an organization's resources. A
.R.T.I.E. also must comply with various regulations and cloud security controls and have to come up
with holistic security capabilities that ensure security across the organization, core-to-edge-to-cloud.
Even though the IT team of the organization constantly monitor their IT environment and assets
along with watching for unauthorized profiles, information disclosure, fake accounts, and other
threats, the CIO of A.R.I.T.E. is aware that the nature of their business being an open platform makes
them a prime target for attackers and other cybercriminals.
Due to the growing business and untrained employees, the organization is constantly under the fear
of threat. This fear increased tenfold when they had discovered two back-to-back cyberattacks
resulting in unauthorized access to databases containing user information.
In the first attack, the attackers performed data theft techniques to exfiltrate vulnerable information
and held internal systems for ransom. This incident led to the company negotiating a ransom
payment to recover dat
a. Also, an unexplained surge in requests to a single webpage occurred along with unusual network
traffic patterns which indicated a second attack. These attacks were concerning not only for the
financial impact but also for the amount of data exposed.
Requirements
The key requirements to address the primary challenges to the business includes:
. Understanding the cyber threat landscape specific to the organizational risk tolerance.
. Secure migration of applications to the public cloud.
. Implement a suitable security framework to tackle current and emerging threats.
. Identify possible vulnerabilities and threats.
. Create an incident management plan based on knowledge, experience, and real-time information
to prevent future attacks.
. Learn about the tools and technologies used to avert the attacks and determine which tools will be
appropriate for them.
. Take measures to implement secure solutions and control: Zero Trust, Security hardening, IAM
techniques.


Dell Services Team


Tap the image to zoom
To improve the overall cyber security posture and implement better security policies as the company
grows, A .R.T.I.E. contacted Dell Services.
Dell clients use their services and solutions to collectively monitor thousands of devices, systems,
and applications. Some clients have a significant workforce with minimal IT knowledge, which opens
greater security risks and technological gaps.
Strategic advisory team
. Commonly known as the core security team which has a global presence.
. Helps organizations to evaluate and gauge their exposure to cybersecurity risk.
. Supports various organizations in developing a vision and strategy for handling cyberattacks.
. Provides advice on the implementation of standard cybersecurity frameworks.
Ethical hackers
. Works within the defined boundaries to legally infiltrate the organization's network environment
with their permission.
. Exposes vulnerabilities in customers IT systems.
Threat intelligence and incident management team
. The team help to keep the organization apprised of the latest developments in the security
landscape.
. The cyber security intelligence team investigates methodologies and technologies to help
organizations detect, understand, and deflect advanced cybersecurity threats and attacks on their IT
infrastructure, and in the cloud.
. The incident management team helps consider what they would do when under attack. The team
may simulate an attack to ensure that non-technical staff members know how to respond.
. The simulated attack is managed by the incident management team. This team also helps to
prevent future attacks based on the information gathered.
Identity and Access Management team
. Reviews and accesses the access rights for each member and user.
. During their analysis the Dell cyber team did a thorough analysis to help create a secure
environment for A .R.T.I.E. and mitigate potential attacks.
Outcomes
With the rapid and thorough analysis of security events originating from both internal and external
sources to A .R.T.I.E. complete, the Dell Services team could detect anomalies, uncover advanced
threats and remove false positives. The Threat Intelligence team was also able to provide a list of
potentially malicious IP addresses, malware, and threat actors.
Along with this, the team also implemented methods that helped determine what is being attacked
and how to stop an attack providing A .R.T.I.E. with real time threat detection mechanisms,
knowledge on cyber security. The common outcomes after implementation of the Dell
recommendations were:
. Prioritization of threat and impact - Determine threat intelligence, vulnerability status and network
communications to evaluate accurate vulnerability risk.
. Secure workforce and educate employees about best practices to be adopted to mitigate attacks,
security frameworks and policies.
. Implementation of incident management plan and build an organization-wide security strategy to
avert future attacks.
. Identification of at-risk users and authorized users, account takeover, disgruntled employees,
malware actions.
. Streamlining of security solutions while reducing operational costs and staffing requirements.
. Increased effectiveness to address the continual growth of IT environments, along with the sharp
rise in the number of threats and attacks.
The objective was to consolidate data from the organization's multiple sources such as: networks,
servers, databases, applications, and so on; thus, supports centralized monitoring.

Topic 1, Case Study Scenario
Overview
It is recommended that you read through the case study before answering any questions. You can
always return to the case study while viewing any of the twenty questions.
Introduction
As the threat landscape has grown over past years and continues to evolve unpredictably, cyber-
attacks on organizations are now unavoidable. Security is no longer about averting attacks; it is all
about preparing for them.
In recent years, large corporate data breaches have impacted millions of customers and revealed
personal information that can be used in follow-on crimes. The longer a cyber-attack goes unnoticed,
the more damage it does to the business and the more money and time it will cost to recover.
Hackers steal financial, medical, and other sensitive information to sell online or use in cybercrimes.
This unpredictable security threat landscape has resulted in a challenging scenario for all
organizations.


Business Description


Tap the image to zoom
A .R.T.I.E. is a midsize social media company whose key customers are 18- to 28-year-olds. Using the
organization's platform, customers can share content such as photos, videos and post status updates
and views. The organization has a in-built messenger app that helps users to interact. The platform
also has an option to make in-app purchases and play games with other users.
One key characteristic of A .R.T.I.E. is that it supports social influencers and has attracted large firms
as advertisers.
With 450 employees, who work from different locations, the main goal of A .R.T.I.E. is to provide high
quality of services to a user base of 15K individuals and associates. The employees have access to the
apps, platform, data, and systems through an internal network that uses a virtual private network
(VPN) to secure access from remote locations.


Business Problem


Tap the image to zoom
Senior management of A .R.T.I.E. expects the core business to continue to grow rapidly due to an
increase in user traffic and increased demand of its advertising platform especially by big
organizations.
Based on their current business-critical needs for their solutions and client base, the organization is
planning to move towards a global operational geography and have migrated some of its key
applications to the public cloud. Deployment of the applications to the public cloud provides:
. Ability to scale.
. Higher data transfer speeds and more efficient access management.
. Faster time-to-market and better control of IT costs.
However, with progress comes new challenges as public cloud environments broaden the attack
surface from which attackers can try to gain unauthorized access to an organization's resources. A
.R.T.I.E. also must comply with various regulations and cloud security controls and have to come up
with holistic security capabilities that ensure security across the organization, core-to-edge-to-cloud.
Even though the IT team of the organization constantly monitor their IT environment and assets
along with watching for unauthorized profiles, information disclosure, fake accounts, and other
threats, the CIO of A.R.I.T.E. is aware that the nature of their business being an open platform makes
them a prime target for attackers and other cybercriminals.
Due to the growing business and untrained employees, the organization is constantly under the fear
of threat. This fear increased tenfold when they had discovered two back-to-back cyberattacks
resulting in unauthorized access to databases containing user information.
In the first attack, the attackers performed data theft techniques to exfiltrate vulnerable information
and held internal systems for ransom. This incident led to the company negotiating a ransom
payment to recover dat
a. Also, an unexplained surge in requests to a single webpage occurred along with unusual network
traffic patterns which indicated a second attack. These attacks were concerning not only for the
financial impact but also for the amount of data exposed.
Requirements
The key requirements to address the primary challenges to the business includes:
. Understanding the cyber threat landscape specific to the organizational risk tolerance.
. Secure migration of applications to the public cloud.
. Implement a suitable security framework to tackle current and emerging threats.
. Identify possible vulnerabilities and threats.
. Create an incident management plan based on knowledge, experience, and real-time information
to prevent future attacks.
. Learn about the tools and technologies used to avert the attacks and determine which tools will be
appropriate for them.
. Take measures to implement secure solutions and control: Zero Trust, Security hardening, IAM
techniques.


Dell Services Team


Tap the image to zoom
To improve the overall cyber security posture and implement better security policies as the company
grows, A .R.T.I.E. contacted Dell Services.
Dell clients use their services and solutions to collectively monitor thousands of devices, systems,
and applications. Some clients have a significant workforce with minimal IT knowledge, which opens
greater security risks and technological gaps.
Strategic advisory team
. Commonly known as the core security team which has a global presence.
. Helps organizations to evaluate and gauge their exposure to cybersecurity risk.
. Supports various organizations in developing a vision and strategy for handling cyberattacks.
. Provides advice on the implementation of standard cybersecurity frameworks.
Ethical hackers
. Works within the defined boundaries to legally infiltrate the organization's network environment
with their permission.
. Exposes vulnerabilities in customers IT systems.
Threat intelligence and incident management team
. The team help to keep the organization apprised of the latest developments in the security
landscape.
. The cyber security intelligence team investigates methodologies and technologies to help
organizations detect, understand, and deflect advanced cybersecurity threats and attacks on their IT
infrastructure, and in the cloud.
. The incident management team helps consider what they would do when under attack. The team
may simulate an attack to ensure that non-technical staff members know how to respond.
. The simulated attack is managed by the incident management team. This team also helps to
prevent future attacks based on the information gathered.
Identity and Access Management team
. Reviews and accesses the access rights for each member and user.
. During their analysis the Dell cyber team did a thorough analysis to help create a secure
environment for A .R.T.I.E. and mitigate potential attacks.
Outcomes
With the rapid and thorough analysis of security events originating from both internal and external
sources to A .R.T.I.E. complete, the Dell Services team could detect anomalies, uncover advanced
threats and remove false positives. The Threat Intelligence team was also able to provide a list of
potentially malicious IP addresses, malware, and threat actors.
Along with this, the team also implemented methods that helped determine what is being attacked
and how to stop an attack providing A .R.T.I.E. with real time threat detection mechanisms,
knowledge on cyber security. The common outcomes after implementation of the Dell
recommendations were:
. Prioritization of threat and impact - Determine threat intelligence, vulnerability status and network
communications to evaluate accurate vulnerability risk.
. Secure workforce and educate employees about best practices to be adopted to mitigate attacks,
security frameworks and policies.
. Implementation of incident management plan and build an organization-wide security strategy to
avert future attacks.
. Identification of at-risk users and authorized users, account takeover, disgruntled employees,
malware actions.
. Streamlining of security solutions while reducing operational costs and staffing requirements.
. Increased effectiveness to address the continual growth of IT environments, along with the sharp
rise in the number of threats and attacks.
The objective was to consolidate data from the organization's multiple sources such as: networks,
servers, databases, applications, and so on; thus, supports centralized monitoring.