Web servers containing customer portals

Reference no: EM13762316

As a penetration tester, you are hired as a consultant by a small- to mid-sized business that is interested in calculating its overall security risk today, January 1, 2012. The business specializes in providing private loans to college students. This business uses both an e-Commerce site and point-of-sales devices (credit card swipes) to collect payment. Also, there are a number of file transfer operations in which sensitive and confidential data is transferred to and from several external partnering companies. The typical volume of payment transactions totals approximately $100 million.

You decide that the risk assessments are to take into account the entire network of workstations, VoIP phone sets, servers, routers, switches and other networking gear. During your interview with one of the business's IT staff members, you are told that many external vendors want to sell security networking products and software solutions. The staff member also claimed that their network was too "flat." During the initial onsite visit, you captured the following pertinent data to use in creating the Penetration Test Plan.

A non-stateful packet firewall separates the business's internal network from its DMZ.

All departments--including Finance, Marketing, Development, and IT--connect into the same enterprise switch and are therefore on the same LAN. Senior management (CEO, CIO, President, etc.) and the Help Desk are not on that LAN; they are connected via a common Ethernet hub and then to the switched LAN.

All of the workstations used by employees are either Windows 98 or Windows XP. None of the workstations have service packs or updates beyond service pack one.

Two (2) Web servers containing customer portals for logging in and ordering products exist on the DMZ running Windows 2000 Server SP1, and IIS v5.

One (1) internal server containing Active Directory (AD) services to authenticate users, a DB where all data for the company is stored (i.e. HR, financial, product design, customer, transactions). The AD server is using LM instead of NTLM.



