Identifying Potential Risk, Response, and Recovery

In: Computers and Technology

Submitted By CAGEEZY
Words 705
Pages 3
Assignment 2: Identifying Potential Risk, Response, and Recovery

Emory Evans August 26, 2012 Dr. Robert Whale CIS 333

There are a myriad of potential threats and vulnerabilities that leave a system open to malicious attack, anytime you have a computer network that connects to the internet there is a potential for malicious attack so it is important that you know the vulnerabilities of a system to protect it from potential threats and malicious attacks.
“A vulnerability is any weakness in a system that makes it possible for a threat to cause harm.” (Kim & Solomon, 2012, p. 96). There are several common vulnerabilities that exist within the seven domains of an IT infrastructure for example there is the lack of awareness or concern for security policy vulnerability in the User Domain as well as intentional malicious activity ( Kim & Solomon, 2012). Within the Workstation Domain there exists unauthorized user access, weakness in installed software, and malicious software introduced vulnerabilities, unauthorized network access, transmitting private data unencrypted, spreading malicious software, exposure and unauthorized access of internal resources to the public, introduction of malicious software, loss of productivity due to internet access, denial of service attacks, brute-force attacks on access and private data are all examples of vulnerabilities within the seven domains of IT infrastructure which are User, Workstation, LAN, LAN-to WAN, WAN, Remote Access, and System/Application Domains (Kim & Solomon, 2012).
Threats can cause great harm or damage to computer systems through their vulnerabilities, there are many types of threats such as natural threats like floods, earthquakes, tornadoes, hurricanes and landslides, there is human threats like accidental or intentional deletion of data, malicious software upload…...

Similar Documents

Identifying Potential Risk, Response and Recovery

...Assignment 2 Identifying Potential Risk, Response and Recovery Karen Raglin Professor West Networking Security Fundamentals March 3, 2013 I previously identified several types of attacks, threats and vulnerabilities that exist with your multilayered network. You have requested that I develop a strategy to deal with these risks as well as a plan to mitigate each risk to reduce the impact that each will have on your organization. With any network organization you want to make sure that you keep on top of vulnerabilities of anything that reaches out to the internet. Computers and servers that touch the internet are ones that must be scanned. As a company you have to make sure that you configure the security settings for the operating system, internet browser and security software. As a company you also want to set personal security policies for online behavior. There also needs to be an antivirus installed on the network like Norton or Symantec which blocks threats targeting the vulnerabilities. Your firewall, which is your first line of defense, is susceptible to two common types of attacks. First there are attacks against the firewall itself with the purpose of the attacker being to take control of the firewalls functionality and then launching a DoS attack. The second type of attack against firewalls is an attack on the LAN side of the firewall. These attacks circumvent the rules and policies of the firewall to gain access to the devices that are supposed to......

Words: 1277 - Pages: 6

Assignment 2: Identifying Potential Risk, Response, and Recovery

...policies for the site are properly implemented. Firewalls are the basis of computer and network security defense. They are widely deployed. They are very hard to configure properly, and people who configure them may not know the current threats and attacks. For example, an administrator maybe working on some task and might leave something open in a firewall where attackers can enter through. Some firewalls have the vulnerability that enables attackers and be defeated. By identifying the network components, you can evaluate their vulnerabilities. These vulnerabilities can have flaws in the technology, configuration, or security policy. Vulnerabilities can be fixed different ways, applying software patches, reconfiguring devices, or deploying countermeasures such as firewalls and antivirus software. Threat is when people take advantage of vulnerability and cause a negative impact on the network. If threat occurs it needs to be identified, and the associated vulnerabilities need to be addressed to minimize the risk. As of today, most of the hackers are interested in hacking services such as HTTP (TCP Port 80) and HTTPS (TCP Port 443), which are open in many networks. By using access control devices, they can detect malicious exploits aimed at these services. Now these days applications has improve and very hard for hackers to get into but the technology need to stay up to date and be more intelligent. The attack methodology requires firewalls to provide not only access......

Words: 1056 - Pages: 5

Identifying Potential Malicious Attacks

...Identifying Potential Malicious Attacks The CIO Company will use firewalls, intrusion detection systems, virus scanners and other protective software to provide some assurance that the security policies for the site are properly implemented. Firewalls are the basis of computer and network security defense. They are widely deployed. They are very hard to configure properly, and people who configure them may not know the current threats and attacks. For example, an administrator maybe working on some task and might leave something open in a firewall where attackers can enter through. Some firewalls have the vulnerability that enables attackers and be defeated. By identifying the network components, you can evaluate their vulnerabilities. These vulnerabilities can have flaws in the technology, configuration, or security policy. Vulnerabilities can be fixed different ways, applying software patches, reconfiguring devices, or deploying countermeasures such as firewalls and antivirus software.   Threat is when people take advantage of vulnerability and cause a negative impact on the network. If threat occurs it needs to be identified, and the associated vulnerabilities need to be addressed to minimize the risk.  As of today, most of the hackers are interested in hacking services such as HTTP (TCP Port 80) and HTTPS (TCP Port 443), which are open in many networks. By using access control devices, they can detect malicious exploits aimed at these services. Now these days......

Words: 1060 - Pages: 5

Assignment 1: Identifying Potential Malicious Attack

...Assignment 1: Identifying Potential Malicious Attack CIS 333 Assignment 1: Identifying Potential Malicious Attack Potential malicious attacks and threats that may be carried out against the network include illegally using user accounts and privileges, Stealing hardware and software, Running code to damage systems, running code to damage and corrupt data, modifying stored data, stealing data, using data for financial gain or for industrial espionage, performing actions that prevent legitimate authorized users from accessing network services and resources, and/or performing actions to deplete network resources and bandwidth. Threats to the network can be initiated from a number of different sources, hence the reason for network attacks being classified as either external or internal network attacks/threats. Individuals carry out external threats or without assistance from internal employees or contractors. A malicious and experienced individual, a group of experienced individuals, an experienced malicious organization, or inexperienced attackers (script kiddies) carry out these attacks. Such attackers usually have a predefined plan and the technologies or techniques to carry out the attack. One of the main characteristics of external threats is that they usually involve scanning and gathering information. Users can therefore detect an external attack by scrutinizing existing firewall logs. Users can also install an Intrusion......

Words: 1068 - Pages: 5

The Role of Social Media in Crisis Preparedness, Response and Recovery

...PREPAREDNESS, RESPONSE AND RECOVERY By Jason Christopher Chan (RPO) Executive Summary In recent years, social media has exploded as a category of online discourse where people create content, share it, bookmark it and network at a prodigious rate. The five key characteristics of social media: collectivity; connectedness; completeness; clarity and collaboration lend itself to be used increasingly to support crisis management functions. This paper examines the various categories of social media tools to understand how they can be utilised to enhance analytical and response capabilities of organisations for crisis management. The paper identified four main social media functions: (1) information dissemination, (2) disaster planning and training, (3) collaborative problem solving and decision making, and (4) information gathering, which are then mapped onto the three crisis management phases of preparedness, response and recovery to describe how a range of social media tools may be used to enhance crisis communications. Case examples of international organisations and governments using social media for crisis management are shared. The paper proposes a framework to enhance government use of social media for crisis management that encompasses the need for a mandate, differentiated guidelines and three key capabilities to be developed. 1 Introduction 1. Crisis management is a critical organisational function that involves planning and dynamic incident response to......

Words: 6572 - Pages: 27

Identifying Potential Malicious Attacks

...Identifying Potential Malicious Attacks, Threats and Vulnerabilities Joseph Escueta Strayer University CIS 333 Dr. Emmanuel Nyeanchi January 30, 2014 Abstract The world of any organization lays a network structure that controls all the operations of the company. Every company has its own sensitive information about their success and why they such a good reputation. Because of the growing technology various enchantments have been develop to make sure that its investments are secured and locked hidden in its networks. However network attacks have been around for decades and each new security can be breach. This is one of the major causes of any company to lose money or its capital after being attack by network attackers. It is proven to be a nuisance for any organization trying to make a living. However, this attacks can be avoided if one should take precautions and to be aware of the network attacks. In this case study I will identify its causes and threats against the network. I will also expose the vulnerabilities that exist in networks today. Identifying Potential Malicious Attacks, threats and Vulnerabilities There are many attacks in the network but the most important purpose is to protect the company’s assets. We are not taking about average hackers who just do it for fun but rather want to cause damage to a company’s reputation. In a network security there are two important categories which is logic attacks and resource attacks. A logic attack......

Words: 1207 - Pages: 5

Cis 333 Assignment 2 Identifying Potential Risk, Response, and Recovery

...CIS 333 Assignment 2 Identifying Potential Risk, Response, and Recovery http://homeworktimes.com/downloads/cis-333-assignment-2-identifying-potential-risk-response-and-recovery/ For More Tutorial Visit: http://homeworktimes.com/ For any Information Email Us: : onlineeducationalservice@gmail.com CIS 333 Assignment 2 Identifying Potential Risk, Response, and Recovery http://homeworktimes.com/downloads/cis-333-assignment-2-identifying-potential-risk-response-and-recovery/ For More Tutorial Visit: http://homeworktimes.com/ For any Information Email Us: : onlineeducationalservice@gmail.com CIS 333 Assignment 2 Identifying Potential Risk, Response, and Recovery http://homeworktimes.com/downloads/cis-333-assignment-2-identifying-potential-risk-response-and-recovery/ For More Tutorial Visit: http://homeworktimes.com/ For any Information Email Us: : onlineeducationalservice@gmail.com CIS 333 Assignment 2 Identifying Potential Risk, Response, and Recovery http://homeworktimes.com/downloads/cis-333-assignment-2-identifying-potential-risk-response-and-recovery/ For More Tutorial Visit: http://homeworktimes.com/ For any Information Email Us: : onlineeducationalservice@gmail.com CIS 333 Assignment 2 Identifying Potential Risk, Response, and Recovery http://homeworktimes.com/downloads/cis-333-assignment-2-identifying-potential-risk-response-and-recovery/ For More Tutorial Visit: http://homeworktimes.com/ For any Information Email Us: : ......

Words: 418 - Pages: 2

Is351 Identifying It Project Risks

...The five potential risks for this new project that I think they may encounter is Positive Risk, Resistance to change by employees/students, Fraud, identity theft, hacking or phishing, Accidental wrong information and Accessibility. The first one I call a positive risk (this is referred to as the risk that we initiate ourselves because we see a potential opportunity, along with a potential for failure.). It’s the process of teaching the students and or teachers how to use the program. This is positive because the program is supporting them to take control of their own human resource information. This will help after the program reduces the number of HR employees needed. There can be some risks because it has to do with the fact that the program is online. Not everyone has the savvy computer skills to find their way around the website such as older employees. They may never have used a computer for tasks other then word processing or spreadsheets. Then for those personnel with weaker computer skills who might be hesitant to use the program. To help improve efficiency the Human Resource will need to set up training or conferences where the employees and students will be taught step by step how to access, use and manage the new system. As well, there will be a role out phase, where there will be Human Resource staff on hand to help out when needed. For those people who still have concern, there will always be someone in HR who can help at any time. The next potential is......

Words: 1021 - Pages: 5

Assignment 2: Identifying Potential Risk, Response, and Recovery

...Assignment 2: Identifying Potential Risk, Response, and Recovery Due Week 8 and worth 75 points In Assignment 1, a videogame development company recently hired you as an Information Security Engineer. After viewing a growing number of reports detailing malicious activity, the CIO requested that you draft a report in which you identify potential malicious attacks and threats specific to your organization. She asked you to include a brief explanation of each item and the potential impact it could have on the organization. After reviewing your report, the CIO requests that you develop a follow-up plan detailing a strategy for addressing all risks (i.e., risk mitigation, risk assignment, risk acceptance, or risk avoidance) identified in Assignment 1. Further, your plan should identify controls (i.e., administrative, preventative, detective, and corrective) that the company will use to mitigate each risk previously identified. Write a four to five (4-5) page paper in which you: For each of the three (3) or more malicious attacks and / or threats that you identified in Assignment 1, choose a strategy for addressing the associated risk (i.e., risk mitigation, risk assignment, risk acceptance, or risk avoidance). Explain your rationale. For each of the three (3) or more malicious attacks and / or threats identified in Assignment 1, develop potential controls (i.e., administrative, preventative, detective, and corrective) that the company could use to mitigate each......

Words: 486 - Pages: 2

Risk Response Planning

...Instructions of Risk Response Planning Jinghan Xie PJM 6015 Project Risk Management Jacques Alexis Northeastern University College of Professional Studies August 8, 2015 Abstract As the fourth step in the risk management, risk response planning is very significant and it could affect the subsequent steps of risk management as well as the whole project. In other words, if a risk management plan does not has the sufficient preparation in response part, the subsequent risk management process (monitoring & controlling) would generate mistakes and the previous effort (planning, identification and analysis) would be wasted. This paper uses PMBOK (main reference) and several scholarly articles (secondary references) to elaborate the definition of risk response planning, find necessary tools & techniques, emphasize the importance of risk trigger and contingency plan, and discuss some key factors which could affect the risk response decision. Keywords: risk response planning, contingency plan, risk trigger, risk response decision Risk Response Planning To begin with, I want to use the content of PMBOK to define the risk response planning. Plan Risk Responses is the process of developing options and actions to enhance opportunities and to reduce threats to project objectives. It follows the Perform Qualitative Risk Analysis process and the Perform Quantitative Risk Analysis process (if used). It includes the identification and assignment of one person (the “risk......

Words: 1460 - Pages: 6

Cis 333 Wk 8 Assignment 2 Identifying Potential Risk

...ASSIGNMENT 2 IDENTIFYING POTENTIAL RISK To purchase this visit here: http://www.activitymode.com/product/cis-333-wk-8-assignment-2-identifying-potential-risk/ Contact us at: SUPPORT@ACTIVITYMODE.COM CIS 333 WK 8 ASSIGNMENT 2 IDENTIFYING POTENTIAL RISK CIS 333 WK 8 Assignment 2 - Identifying Potential Risk, Response and Recovery In Assignment 1: Identifying Potential Malicious Attacks, Threats, and Vulnerabilities, you were recently hired as an Information Security Engineer for a videogame development company. After viewing a growing number of reports detailing malicious activity, the CIO requested you identify and draft a report identifying potential malicious attacks, threats, and vulnerabilities specific to your organization. He asked you to include a brief explanation of each item and the potential impact it could have on the organization. After review of your report, the CIO requests that you develop a follow-up plan developing a strategy for dealing with all risks (i.e., risk mitigation, risk assignment, risk acceptance, or risk avoidance) identified in Assignment 1. Further, your plan should identify controls (i.e., administrative, preventative, detective, and corrective) that will be used to mitigate each risk previously identified. Write a four to five (4-5) page paper in which you: 1. For each malicious attack and threat identified in Assignment 1, choose a strategy for dealing with the risk (i.e., risk mitigation, risk assignment, risk......

Words: 1027 - Pages: 5

Cis 336 Assignment 2: Identifying Potential Risk, Response, and Recovery

...CIS 336 Assignment 2: Identifying Potential Risk, Response, and Recovery To Buy this Class Copy & paste below link in your Brower http://homeworkregency.com/downloads/cis-336-assignment-2-identifying-potential-risk-response-and-recovery/ Or Visit Our Website Visit : http://www.homeworkregency.com Email Us : homeworkregency@gmail.com CIS 336 Assignment 2: Identifying Potential Risk, Response, and Recovery Assignment 2: Identifying Potential Risk, Response, and Recovery Due Week 8 and worth 75 points In Assignment 1, a videogame development company recently hired you as an Information Security Engineer. After viewing a growing number of reports detailing malicious activity, the CIO requested that you draft a report in which you identify potential malicious attacks and threats specific to your organization. She asked you to include a brief explanation of each item and the potential impact it could have on the organization. After reviewing your report, the CIO requests that you develop a follow-up plan detailing a strategy for addressing all risks (i.e., risk mitigation, risk assignment, risk acceptance, or risk avoidance) identified in Assignment 1. Further, your plan should identify controls (i.e., administrative, preventative, detective, and corrective) that the company will use to mitigate each risk previously identified. Write a four to five (4-5) page paper in which you: 1. For each of the three (3) or more malicious attacks and / or threats that you...

Words: 1420 - Pages: 6

Cis 336 Assignment 2: Identifying Potential Risk, Response, and Recovery

...CIS 336 Assignment 2: Identifying Potential Risk, Response, and Recovery To Buy this Class Copy & paste below link in your Brower http://homeworkregency.com/downloads/cis-336-assignment-2-identifying-potential-risk-response-and-recovery/ Or Visit Our Website Visit : http://www.homeworkregency.com Email Us : homeworkregency@gmail.com CIS 336 Assignment 2: Identifying Potential Risk, Response, and Recovery Assignment 2: Identifying Potential Risk, Response, and Recovery Due Week 8 and worth 75 points In Assignment 1, a videogame development company recently hired you as an Information Security Engineer. After viewing a growing number of reports detailing malicious activity, the CIO requested that you draft a report in which you identify potential malicious attacks and threats specific to your organization. She asked you to include a brief explanation of each item and the potential impact it could have on the organization. After reviewing your report, the CIO requests that you develop a follow-up plan detailing a strategy for addressing all risks (i.e., risk mitigation, risk assignment, risk acceptance, or risk avoidance) identified in Assignment 1. Further, your plan should identify controls (i.e., administrative, preventative, detective, and corrective) that the company will use to mitigate each risk previously identified. Write a four to five (4-5) page paper in which you: 1. For each of the three (3) or more malicious attacks and / or threats that you...

Words: 1420 - Pages: 6

Cis 333 Assignment 2 Identifying Potential Risk, Response, and Recovery

...CIS 333 Assignment 2 Identifying potential risk, response, and recovery Click Link Below To Buy: http://hwcampus.com/shop/cis-333-assignment-2-identifying-potential-risk-response-recovery/ CIS 333 Week 8 Assignment 2 - Identifying Potential Risk, Response and Recovery In Assignment 1, a videogame development company recently hired you as an Information Security Engineer. After viewing a growing number of reports detailing malicious activity, the CIO requested that you draft a report in which you identify potential malicious attacks and threats specific to your organization. She asked you to include a brief explanation of each item and the potential impact it could have on the organization. After reviewing your report, the CIO requests that you develop a follow-up plan detailing a strategy for addressing all risks (i.e., risk mitigation, risk assignment, risk acceptance, or risk avoidance) identified in Assignment 1. Further, your plan should identify controls (i.e., administrative, preventative, detective, and corrective) that the company will use to mitigate each risk previously identified. Write a four to five (4-5) page paper in which you: 1. For each of the three (3) or more malicious attacks and / or threats that you identified in Assignment 1, choose a strategy for addressing the associated risk (i.e., risk mitigation, risk assignment, risk acceptance, or risk avoidance). Explain your rationale. 2. For each of the three (3) or more malicious......

Words: 422 - Pages: 2

Cis 336 Assignment 2: Identifying Potential Risk, Response, and Recovery

...CIS 336 Assignment 2: Identifying Potential Risk, Response, and Recovery To Buy this Class Copy & paste below link in your Brower http://homeworkregency.com/downloads/cis-336-assignment-2-identifying-potential-risk-response-and-recovery/ Or Visit Our Website Visit : http://www.homeworkregency.com Email Us : homeworkregency@gmail.com CIS 336 Assignment 2: Identifying Potential Risk, Response, and Recovery Assignment 2: Identifying Potential Risk, Response, and Recovery Due Week 8 and worth 75 points In Assignment 1, a videogame development company recently hired you as an Information Security Engineer. After viewing a growing number of reports detailing malicious activity, the CIO requested that you draft a report in which you identify potential malicious attacks and threats specific to your organization. She asked you to include a brief explanation of each item and the potential impact it could have on the organization. After reviewing your report, the CIO requests that you develop a follow-up plan detailing a strategy for addressing all risks (i.e., risk mitigation, risk assignment, risk acceptance, or risk avoidance) identified in Assignment 1. Further, your plan should identify controls (i.e., administrative, preventative, detective, and corrective) that the company will use to mitigate each risk previously identified. Write a four to five (4-5) page paper in which you: 1. For each of the three (3) or more malicious attacks and / or threats that you...

Words: 1420 - Pages: 6