Explain access control methods and attacks

Reference no: EM131194101

Global Finance, Inc. Network Diagram

Above is the Global Finance, Inc. (GFI) network diagram. A hypothetical company, GFI has grown rapidly this past year and implemented a number of network devices as displayed in the diagram. The company invested in the network and designed it to be fault tolerant and resilient to network failures. However, although the company's financial status has matured and its network has expanded at a rapid pace, its overall network security posture has not kept up with the company's growth.

GFI's network has historically been fairly stable, and the company has not experienced many full scale network outages. GFI has hired three (3) network engineers to keep up with the network growth, as well as the bandwidth demand by the company employees and the clients. However, the company has not hired any security personnel who can take care of the operational security responsibility.

The trusted computing base (TCB) internal network within the Global Finance, Inc. Network Diagram hosts the company's mission-critical systems, which are vital to the company's operations and also affect its overall financial situation. The Oracle database and email systems are among the most intensively used application servers in the company. GFI cannot afford system or network outages, as its cash flow and financial systems heavily depend on network stability and availability. GFI has experienced DoS network attacks twice this year, and its Oracle database and email servers were down for a total of one (1) week as a result. The recovery process required GFI to utilize $25,000 to restore its operations to the normal operating baseline. GFI estimated the loss from these network attacks at more than $1,000,000, as well as lost customer confidence.

Write an eight to ten (8-10) page formal risk assessment proposal in which you:

Describe the company network, interconnection, and communication environment.

Assess risk based on the GFI, Inc. network diagram scenario. Note: Your risk assessment should cover all the necessary details for your client, GFI Inc., to understand the risk factors of the organization and risk posture of the current environment. The company management will utilize this risk assessment to determine what actions to take; therefore, it must be comprehensive for the business leaders to make data-driven decisions.

Defend your assumptions where pertinent information from the scenario isn't available.

Ascertain apparent security vulnerabilities, and analyze at least three (3) such vulnerabilities. Such analysis should entertain the possibility of faulty network design. Recommend mitigation processes and procedures for each of the identified vulnerabilities.

Justify your cryptography recommendations, based on security concerns and requirements, data-driven decision-making, and objective opinions.

Examine whether your risk assessment methodology is quantitative, qualitative, or a combination of these, and discuss the main reasons why you believe that the methodology that you utilized was the most appropriate.

Explain the way in which you would present your findings and assessment to the company's management and thus facilitate security buy-in and concentration.

Using Microsoft Visio or its open source equivalent, redraw the GFI diagram, depicted as a secure and risk-mitigating model. Note: The graphically depicted solution is not included in the required page length.

Use at least three (3) quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.

Your assignment must follow these formatting requirements:

Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; citations and references must follow APA or school-specific format. Check with your professor for any additional instructions.

Include a cover page containing the title of the assignment, the student's name, the professor's name, the course title, and the date. The cover page and the reference page are not included in the required assignment page length.

Include charts or diagrams created in Visio or an open source alternative such as Dia. The completed diagrams / charts must be imported into the Word document before the paper is submitted.

The specific course learning outcomes associated with this assignment are:

Evaluate an organization's security policies and risk management procedures, and its ability to provide security countermeasures.

Analyze the methods of managing, controlling, and mitigating security risks and vulnerabilities.

Explain access control methods and attacks.

Describe the details and the importance of application security models and their implementation from a management perspective.

Evaluate and explain from a management perspective the industry-standard equipment, tools, and technologies organizations can employ to mitigate risks and thwart both internal and external attacks.

Use technology and information resources to research issues in security management.

Write clearly and concisely about the theories of security management using proper writing mechanics and technical style conventions.
