Securing and Protecting Information

Securing and Protecting Information - Securing and...

Info icon This preview shows pages 1–4. Sign up to view the full content.

Securing and Protecting Information Andrew Carbone 03/14/2016 CMGT/400 Lee Dordal
Image of page 1

Info icon This preview has intentionally blurred sections. Sign up to view the full version.

Threats and Vulnerabilities There are many threats and vulnerabilities to a network. When looking at many of the different vulnerabilities they can be known as passageways or soft spots in a network. There are quite a few vulnerabilities that are present in every network. These can be by configuration, Security Policies, and/or technology. Some of the technology weaknesses could be lay in many different particulars, Such as; Operating Systems, Network equipment weakness, and even TCP/IP protocol weaknesses. Configuration weaknesses would include, unsecured user accounts, non-unique passwords for the system accounts, misconfigured internet browser settings, and unsecured defaults within the entire network. Security policy risks could include no policy or poor policy written, unauthorized installed hardware or software that do not follow policy, and finally lack of disaster recovery plan. The different types of threats that can take place in an organization include internal and external threats. Either one of these could be unstructured or structured threats. Unstructured threats or more from inexperienced or unmotivated hackers who use basic hacking tools to try and do their work; Where structured are more experienced hackers that are highly motivated and have higher set goals for what they plan to accomplish. There are many different types of groups or individuals that plan a lot of these attacks and could be defined as follows. Hacker – a common derogatory name for a highly trained computer programming expert that uses their skills and education for malicious reasons. Cracker – The individual that attempts to log and gain unauthorized access from passwords or pins to use for malicious reasons.
Image of page 2
Spammer – The individual that sends large numbers of messages, email, etc. to overload networks, but often target home computers by loading messages with viruses to send out mass quantities of these messages. Phisher – An individual that writes programs, sends emails, or messages with the intent to gain personal information such as ID, Social Security numbers and even credit card numbers for personal malicious use. Vulnerability analysis The best way to discover these vulnerabilities and threats would to be to conduct an analysis. To find many of the different vulnerabilities there are certain steps that you would have to take. This would include policy identification, network analysis and host analysis. Policy identification – “If a security policy exists, the designer should analyze it to identify the security requirements, which will influence the design of the perimeter solution.”(Rufi, 2007) Network Analysis – an analysis conducted to mathematically analyze the network from procedures and protocols to the actual physical state of the network.
Image of page 3

Info icon This preview has intentionally blurred sections. Sign up to view the full version.

Image of page 4
This is the end of the preview. Sign up to access the rest of the document.
  • Summer '13
  • LEE

{[ snackBarMessage ]}

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern