Instructions
Answer all the questions in Section 1 and section 2. Section 2 is a case study, read the case study and answer the five questions. 
All answers must be in font size 12 and in double-spaced line format. Pay attention to the rubrics when answering the questions.
Section 1 [30 points]
The answers to this part should not exceed 3 pages or 600 words.
Distributed denial of service (DDoS) attacks are commonly used by adversaries to breach organizations with devastating consequences sometimes.  Amazon Web Services (AWS) suffered a massive DDoS attack in February 2020 with a peak traffic volume of 2.3Tbps. You can find some details on this attack at the websites below, but there are many other sources that discuss this attack.
https://www.a10networks.com/blog/aws-hit-by-largest-reported-ddos-attack-of-2-3-tbps/
https://www.zdnet.com/article/aws-said-it-mitigated-a-2-3-tbps-ddos-attack-the-largest-ever/
https://siliconangle.com/2020/06/17/aws-mitigated-record-breaking-2-3-tbps-ddos-attack-february/
What is a DDoS attack and what are the symptoms of such an attack? [6 points]
Explain how the AWS attack happened. [6 points]
Discuss any four types of DDoS attacks (e.g. SYN flood). [10 points]
Describe at least four defenses that can be used to mitigate against DDoS attacks. [8 points]
Section 2 [50 points]
The answers to this part should not exceed 5 pages or 1200 words.
This is a case study based on a massive cyberattack that was conducted via a phishing campaign at Anthem in February 2015 in which 78.8 million records were exfiltrated. Anthem is the second largest health insurance provider in United States. Read the article “A new In-Depth Analysis of Anthem Breach” located here (https://www.bankinfosecurity.com/new-in-depth-analysis-anthem-breach-a-9627) and then answer the questions below. You may need to conduct some more research in order to address some of the questions comprehensively.
Discuss at least five challenges that organizations face in general with regard to protecting organizational assets and information. [2×5=10 points]
Explain how this cyberattack happened. [8 points]
Determine the main actions that Anthem took after the breach occurred including costs, as well as the specific security enhancements that were implemented to minimize the chances of such an incident occurring in future. [14 points]
Discuss the lessons that were learned from this incident. [8 points]
Give your opinion as to whether or not the attack was mainly due to the poor security management or the inability of management to act accordingly or both. Justify your answer. [10 points]