Exercise: K2 Network K2 Network operates online game sites used by about 16 million people in over 100 countries. Players are allowed to enter a game for free, but must buy digital “assets” from K2, such as swords to fight dragons, if they want to be deeply involved. The games can accommodate millions of players at once and are played simultaneously by people all over the world. Prepare a security analysis for this Internet-based business. Copy the following quesons and respond by wring, at a minimum, one or two well-developed paragraphs for each queson. Be sure to cite the text to support your responses by integrang evidence through quotaons, paraphrases, or summaries. 1. What kinds of threats should it ancipate? K2 Network is an online game site network should expect online threats. The chapter 4.2 discusses threats such as being hacked by hackers, viruses, irresponsible insiders, social engineering, dumpster diving, phishing, and more. Since hackers are movated by profit or just for the challenge it is always to be expected hackers will aempt for one reason or another. On page 103, the text describes how hackers don’t have to physically be on site. This can be done remotely, or by drive by hacking, where an aacker accesses a wireless computer network, intercepts data, uses network services and/or sends aack instrucons without entering the office or organizaon that owns the network. 2. What would be their impact on the business? In the event one of the threats were successful in a breach, the impact on K2 Network business could potenally put them out of business. On page 109 the chapter shares that hacker can obtain elevated access called privilege escalaon, which may allow them to conduct illegal acons by deleng data or performing unauthorized acons. This could discourage and deter current and potenal customers from using K2 Network. 3. What steps can it take to prevent damage to its Web sites and connuing operaons? There are many steps K2 Network can take to prevent damage to its network. The text describes the organizaons employees are insiders and are the first line of defense training and educang employees about fishing emails, proper disposal of trash, changing passwords, pharming, keeping soſtware up to date, and doing everything they can to prevent and resist the ancipated threats. Page 107 says technology is the second line of defense from malicious agents. These agents are spammers that farm email addresses off websites or deposit spyware machines. They can incorporate authencaon and authorizaon measures in place for its employees via passwords, smartcard or tokens, and fingerprints and signatures authencaons prior to gaining access.