Technical Paper

2508 words 11 pages
Technical Paper: Risk Assessment
Strayer University
CIS 502
December 15, 2013

Risk Assessment
Describe the company network, interconnection, and communication environment. In order to support their growing business, Global Finance, Inc. (GFI) has taken necessary actions to ensure their network remains fault tolerant and resilient from any network failures. GFI has acquired network devices in order to support their network and maintain interconnection among their employees and customers.
The World Trade Organization defines interconnection as:
“Linking with suppliers providing public telecommunications transport networks or services in order to allow the users of one supplier to communicate with users of another
…show more content…
(Beaver, 2013)
• Network Security Omission #2: Weak or default passwords—many web applications, content management systems, and even database servers are still configured with weak or default passwords. Who would need file inclusion or SQL injection when the file system or database can be accessed directly?
Solution: Change and test for weak passwords regularly and consider using a password management tool. Implement intruder lockout after a defined number of failed login attempts. (Beaver, 2013)
• Network Security Omission #3: Misconfigured firewall rulebases—One of the biggest, most dangerous, assumptions is that everything is well in the firewall because it’s been working fine. Digging into a firewall rulebase that has never been analyzed will inevitably turn up serious configuration weaknesses that allow for unauthorized access into the web environment. Sometimes it’s direct access while other times it’s indirect from other network segments including Wi-Fi – parts of the network that may have been long forgotten.
Solution: Start with the organization’s security policy; one that reflects the current situation and foreseeable business requirements. After all, the firewall rulebase is the technical implementation of this security policy. Review it regularly and keep it relevant. (Beaver, 2013)
• Network Security Omission #4: Mobile devices—Phones, tablets, and unencrypted laptops pose some of the

Related

  • Itm524 Mod1 Case
    1917 words | 8 pages
  • Netw 240 Devry
    1642 words | 7 pages
  • Personal Negotiation Essay
    1045 words | 5 pages
  • Share Trading Assignment
    2410 words | 10 pages
  • MGT 437 PROJECT MANAGMENT Complete Class Includes All DQs Individual and Team Assignments UOP Latest
    1771 words | 8 pages
  • Leadership
    2386 words | 10 pages
  • Hrm 568 Week 6 Assignment 3 – Employee Resistance Hrm568 Week 6 Assignment 3 – Employee Resistance
    1657 words | 7 pages
  • Internship Experience Customer Tech Support
    4599 words | 19 pages
  • Change Management Plan Paper
    2595 words | 11 pages
  • A Financial Statement Analysis Project for Introductory Financial Accounting
    5960 words | 24 pages