Jonathan Velez week 4 it audit.docx - Jonathan Velez CIS-411 How would you gather and assess vulnerabilities in this case I would review all assets that

Jonathan Velez week 4 it audit.docx - Jonathan Velez...

This preview shows page 1 - 2 out of 2 pages.

Jonathan Velez CIS-411 6/30/2019 How would you gather and assess vulnerabilities in this case? I would review all assets that are critical as well as non-critical. I would look at the network architecture/flow diagrams to gain insight and information needed to complete a vulnerability assessment. List at least three vulnerabilities described in the case. Login information such as passwords need to have a stronger system in place. Computer systems need updated patches and anti virus software Physical security needs to be improved Include the severity and likelihood of compromise for each vulnerability identified. Login information- Medium Priority- Needs to implement stronger password feature and a password change policy for every 50 days. Include number, letters, special character in password, length of 13 characters or more. updated patches and anti virus software- High priority- Needs regular security updates to stop viruses and other malicious intents to be prevented. Can cause major down time and profit loss to company if not managed appropriately.
Image of page 1
Image of page 2

You've reached the end of your free preview.

Want to read both pages?

Unformatted text preview: Physical security needs to be improved- High- Devices that are misplaced or stolen and cause serious impact to the company and can cause loss of sensitive data which can lead to loss of assets. CCTV, Cable locks, Physical security, Logbooks need to be implemented. List known or assumed safeguards in place that reduce the vulnerability's impact or likelihood. Scans need to be performed on a regular basis to find vulnerability in system in order to create patches. Enforce password policy by deactivating accounts that do not comply with password policy. Ensure physical security protocols are in place and being followed by doing regular physical audits of log book as well as device accountability. Train employees on security threats and security policies. Include a list of any assumptions you are making. Policies are not being followed or enforced Staff is not being trained properly Passwords are not being changed...
View Full Document

  • Spring '17

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern

Stuck? We have tutors online 24/7 who can help you get unstuck.
A+ icon
Ask Expert Tutors You can ask You can ask ( soon) You can ask (will expire )
Answers in as fast as 15 minutes
A+ icon
Ask Expert Tutors