Is418: Week 1 Discussion 1

Submitted By tpbuck98
Given the situation presented in this week's discussion, the first thing you will want to look at is the placement of the initial server(s). If the server is going to be placed within the bank itself, as the LAN is presently, what kind of physical security will be used? Limiting unauthorized access to the data and information stored on these servers is very important, because PII and bank proprietary information must be protected from misuse at all times. How will the server be accessed, and who will be monitoring access to the designated server? The next thing to look at is what kind of operating system will run on the server, and what levels of security are available in the server OS to ensure the security of the designated servers for the application.

The next item that needs to be addressed is an understanding of the network topology, since we are going to be working with an application that gives access to information that is not for general viewing. Placing the servers so as to minimize the public side of the application network (the internet) is another security concern; this means not placing the complete database outside of the intranet and in direct contact with the internet. Placing servers in a DMZ that limits the information available to the public side will greatly improve the protection of PII, proprietary information, and other sensitive information.

Finally, hacking is another high-risk concern that this assessment needs to take into consideration before implementing this network installation. There are various attacks that can be performed on these servers and on the application itself. For example, the SMTP server could be vulnerable to injection attacks. I would recommend hiring a group of white hat hackers to perform a series of penetration tests to
