User Account

All Pages

Describe the legal requirements and ethical issues involved

Assignment Help Management Information Sys
Reference no: EM131308329

Term Paper

As a penetration tester, you are hired as a consultant by a small- to mid-sized business that is interested in calculating its overall security risk today, January 1, 2012. The business specializes in providing private loans to college students. This business uses both an e-Commerce site and point-of-sales devices (credit card swipes) to collect payment. Also, there exist a number of file transfer operations where sensitive and confidential data is transferred to and from several external partnering companies. The typical volume of payment transactions totals is approximately $100 million. You decide that the risk assessments are to take into account the entire network of workstations, VoIP phone sets, servers, routers, switches and other networking gear. During your interview with one of the business's IT staff members, you are told that many external vendors want to sell security networking products and software solutions. The staff member also claimed that their network was too "flat." During the initial onsite visit, you captured the following pertinent data to use in creation of the Penetration Test Plan.

• Non-stateful packet firewall separates the business's internal network from its DMZ.

• All departments--including Finance, Marketing, Development, and IT--connect into the same enterprise switch and are therefore on the same LAN. Senior management (CEO, CIO, President, etc.) and the Help Desk are not on that LAN; they are connected via a common Ethernet hub and then to the switched LAN.

• All of the workstations used by employees are either Windows 98 or Windows XP. None of the workstations have service packs or updates beyond service pack one.

• Two Web servers containing customer portals for logging in and ordering products exist on the DMZ running Windows 2000 Server SP1, and IIS v5.

• One internal server containing Active Directory (AD) services to authenticate users, a DB where all data for the company is stored (i.e. HR, financial, product design, customer, transactions). The AD server is using LM instead of NTLM.

Write a six to eight page paper in which you:

1. Explain the tests you would run and the reason(s) for running them (e.g. to support the risk assessment plan).

2. Determine the expected results from tests and research based on the specific informational details provided. (i.e., IIS v5, Windows Server 2000, AD server not using NTLM)

3. Analyze the software tools you would use for your investigation and reasons for choosing them.

4. Describe the legal requirements and ethical issues involved.

5. Using Visio or its open source alternative, provide a diagram of how you would redesign this business' network. Include a description of your drawing. Note: The graphically depicted solution is not included in the required page length.

6. Propose your final recommendations and reporting. Explain what risks exist and ways to either eliminate or reduce the risk.

7. Use at least three quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.

Your assignment must follow these formatting requirements:

• Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; citations and references must follow APA or school-specific format. Check with your professor for any additional instructions.

• Include a cover page containing the title of the assignment, the student's name, the professor's name, the course title, and the date. The cover page and the reference page are not included in the required assignment page length.

The specific course learning outcomes associated with this assignment are:

• Perform vulnerability analysis as well as external and internal penetration testing.

• Demonstrate the ability to describe and perform penetration tests on communication media to include wireless networks, VoIPs, VPNs, Bluetooth and handheld devices.

• Use technology and information resources to research issues in penetration testing tools and techniques.

• Write clearly and concisely about Network Penetration Testing topics using proper writing mechanics and technical style conventions.

Reference no: EM131308329

Questions Cloud

Discuss about the economic recession : During an economic recession, discuss how management's or a union's bargaining power might be affected. Give an appropriate business example to illustrate what you mean, support it with at least one reference. No more than (2) paaragraphs
Making ethical strategy decisions : Name three Globalization trends and explain why a corporate decision-maker may need to be aware of these trends when making ethical strategy decisions.
Find the diameter of the circular channel : Water is flowing through a circular channel at the rate of 400litres/sec,when the channel is having a bed slope of 1 in 9000.The depth of water in the channel is 8.0 times the diameter.find the diameter of the circular channel if the Manning N is ..
Changing the game : In review of the Billy Beane: Changing the Game" case analysis, what, if any, are the potential problems with the HR strategies adopted by the Oakland A's?
Describe the legal requirements and ethical issues involved : Analyze the software tools you would use for your investigation and reasons for choosing them. Describe the legal requirements and ethical issues involved.
Completed markov cohort model in excel : Completed Markov cohort model in Excel with calculated cost-effectiveness ratio in terms of cost per DALY averted both in discounted and undiscounted terms
Contrast the state of human resource management : The article "Why We Hate HR" was written in Fast Company magazine a number of years ago as a challenge to the value that HR brings to the table. Contrast the state of Human Resource Management as referenced in the Fast Company article with how it..
Summarize a case decision where an employer was found guilty : Locate and briefly summarize a case decision where an employer or union was found guilty of bad faith bargaining ( or not!). Briefly summarize the decision and explain whether you agree or disagree with the outcome.
Forecast future cash flows sometimes companies use top-down : To forecast future cash flows sometimes companies use top-down and sometimes bottom-up approach (and sometimes both)? What are the advantages and disadvantage of each of them? In forecasting your company (Walmart Store, Inc.) cash flow in earlier dis..

Reviews

Write a Review

Management Information Sys Questions & Answers

  Prepare for the changes you anticipate

Electronic Medical Record's impact - What obstacles will have to be overcome to move forward, and what should be done now to prepare for the changes you anticipate?

  Create a table that shows how the access quality and cost

Create a table that shows how the access, quality, and cost of health care are influenced by the low-income, middle-income, and high-income status of an economy

  What ways could netflix visualize movie ratings

Supporting Information - Netflix - In what ways could Netflix visualize movie ratings, preferences, or trends to provide its subscribes with additional "movie intelligence"?

  Identify someone that you feel was very creative

Identify someone that you feel was very creative. What personality traits did they possess that made them so creative?

  How should the ceo present the policy to the staff

Why is it important to have such a policy in place? If the basic purpose is to stop harassing behavior, why is that important? Why is harassment detrimental to an organization?

  Did your interviewer use any of the ethical tests

How did you prepare for the interview? Did any questions 'stump' you? How did you feel during the interview? How did you feel after the interview? Did your interviewer use any of the ethical tests? What interview tips do you have for your peers?

  Discuss the organization and select a framework

Is it strictly adhered to? Is its purpose well communicated throughout the organization? How would you personally increase awareness of the objectives of IT governance?

  Describe how big data and distributed data

Define ‘Big Data'. Describe how ‘Big Data' and distributed data fit in the modern business environment. The Internet is considered a ‘game changing' technology. Discuss at least three reasons why this is true

  How might the company build more of an online presence

Analysis of their website. What was favorable about their website? What are some of their website attributes that customers may find unappealing?

  Explain the costs involved in the creation of the system

Your sister owns a small clothing store. During a conversation at a family dinner, she mentions her frustration with having to manually track and reorder high demand items. Explain the costs involved in the creation of the system

  Select one type or subtype of business software and cover

select one type or subtype of business software and cover the following topicswhat business activities andor business

  Evaluate alternatives to the company self-hosting the site

Discuss what it will take to build a Web architecture, move an existing Website with minimal downtime, and provide a disaster recovery solution to ensure the site is always available.

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd