Identifying Potential Malicious Attacks, Threats, and Vulnerabilities

1132 words 5 pages
Show More
For a better understanding of the situation in the network of the company I decided to start the analysis by the vulnerabilities that this one presents. Many of these vulnerabilities are the cause for different types of network attacks. It should be noted that while many of these vulnerabilities may be mitigated or eliminated the possibility of an attack always exists.
The first vulnerability is the email server. Although very well controlled for been within the Demilitarized Zone (DMZ), this is always a vulnerability with which most companies have to deal with. This vulnerability opens the way for phishing attack. One way to mitigate this vulnerability is configuring the email server so that only authorized email may enter. This is …show more content…

If this attack is successful, the attacker has access to the internal network of the company so in this case we can be under the three types of threat; it all depends on the intentions of the attacker. The most advisable is to change the password at least every 30 days and if possible relocating the WAP to a most protected location of the network.
Another possible attack that we can face when dealing with WAP is Address Spoofing. This attack consists of trying to seem at something that really is not. Is normally present a false network address to pretend to be an authorized machine of the system. If the WAP is not configured to filter out traffic with internal external addresses, the attack may be successful. The main objective of this attack is the destruction and / or alteration of the system and the information; although it remains the possibility of disclosure.
The last segment of analysis is the one were the users and data servers are located. The only visible attack in this area is Insider Attack. This type of attack is usually carried out by disgruntled or corrupt employees to take advantage of a situation. Although on a smaller scale, is always present in all companies and is more difficult to detect because the attacker has access to the system without having to perform any suspicious operation.
Eavesdrop, steal, or damage information, use information in a fraudulent manner, and deny accesses to other

Related

  • Cis 333 Final Term Paper
    2543 words | 11 pages

    only responsibility of security and IT staff but every individual is involved in protecting the information. The risks to information security are not digital only, but it involves technology, people and process that an organization may have. These threats may represent the problems that are associated to complex and expensive solution, but doing nothing about these risks is not the solution. The case we….

    Show More
  • Courses
    3414 words | 14 pages

    industry supported (standards where appropriate), scalable, and fault-tolerant; • Ensure that the design is implemented to help ensure compliance with any and all applicable regulations; • Proper management of access control for legitimate users and malicious users is of the utmost….

    Show More
  • Final Test
    3050 words | 13 pages

    instructor. You may review your submitted answers at any time through the My Submissions link in the left menu. 1. __________ is a method in which a sniffer is used to track down a conversation between two users. a. A man-in-the-middle (MITM) attack b. Session….

    Show More
  • Nsa Capstone Project
    16275 words | 66 pages

    NETWORK AUTHORITIES: REQUEST FOR PROPOSAL NETWORK IMPLEMENTATION 1. Table of Contents PRELIMINARY SCHEDULE ....................................................................................................3 Staff Training .............................................................................................................5 Teacher Training ........................................................................................................6 INTRODUCTION........................….

    Show More
  • MMT2 IT strategic solutionTask 2
    2757 words | 12 pages

    infrastructure revealed some threats and opportunities that must be properly addressed in order to prepare the company for the planned expansion into the east coast. One of the threats identified was the vulnerability of the wireless network. The proposed technology initiative determined as the solution to the problem is to implement an adaptive wireless intrusion prevention system. As discovered in the SWOT analysis,….

    Show More
  • Csec 650 Individual Assignment 2
    4263 words | 18 pages

    IA2: Business Continuity Plan for Information Technology CSEC 650 University of Maryland University College Abstract Business contingency and continuity of operations plan are vital to business, especially those reliant on digital media. Whether through nature events or the more likely interruption of computer systems and networks, a disruption of any type is a serious business concern. A disruption can harm operational revenue, services, supply-chain, and reputation. Any of the preceding effects….

    Show More
  • A Study on Ecommerce : Gmarket
    5477 words | 22 pages

    table of contents Executive Summary 1. Introduction 1 2. Competitive environment Analysis 1 2.1 Threat of new entrants 1 2.2 Bargaining Power of Buyers 2 2.3 Bargaining Power of Suppliers 2 2.4 Threat of Substitutes 3 2.5 rivalry among existing competitors 3 3. Value-Chain Analysis 4 3.1 Business Model 4 3.2 Primary Activities – Creation of actual product/service 5 I. Operation/Processes 5 II. Services 5 III. Outbound Logistics 6 IV. Customers/Marketing & Sales 6 3.3 Support ACTIVITIES - The….

    Show More
  • Application of Project Management Tools on the City School's Erp Project
    12943 words | 52 pages

    Table of Contents Acknowledgement Executive Summary Chapter 01: Introduction 5 1.1 Introduction to the Company 5 1.2 Mission Statement 6 1.3 Organization Chart 6 1.4 Role of Regional Office 7 1.5 Hierarchy of the System 9 1.6 Hierarchy at the Regional Office 9 1.7 Introduction to the Project 9 1.8 Current Financial Status of the Project 10 1.9 Activities 10 1.10 Current Activities 11 1.11 Vendor 11 1.12 Authorization/Personnel Involved 12 1.13 Duration of Tasks 12 1.14….

    Show More

Popular Essays