Free Essay

Security Assessment

In:

Submitted By bttm4funtime
Words 901
Pages 4
The residence that will be assessed for security vulnerability is located in Rancocas, New Jersey. The house is situated in a small historic town that is completely encircled with trees. There are currently 125 houses in the community with no prospects for future development. The youngest house within the small town is 135 years old with the oldest being 165 years old. The residence that is being assessed is approximately 2000 square feet and is partnered with a 500 square foot detached garage and a 250 square foot storage building.
Dwelling Description: The main house has three points of entry including the front entrance, a side entrance, and a basement entrance. The front entrance has a gridded glass entrance door and a metal security door with a normal entry lock and a deadbolt lock. Having a strong, well-constructed door is key to preventing a break in. According to the Washington Post (2008), “34 percent of all burglaries usually occur by way of the front door”. The side entrance has a wooden door and a metal security door with a normal entry lock and a deadbolt lock. The basement entrance is a standard weather door that has a latch that fastens the doors together to prevent access. The residence has 32 windows scattered across four floors. Of the 32 windows, 24 of the windows are new double-hung windows with security latches and double locks. The remainder of the windows is wooden weighted windows original to the house, with circle latch fasteners that can be used to secure the windows.
Dwelling Vulnerabilities: There are many focal points that a criminal could focus their attention on. From an entrance perspective, all of the doors have glass panels that could be broken out to gain entry. Given the location of the glass, knocking out a single pane would make for easy access to the main living areas by allowing the doors to be unlocked. An additional vulnerability is the basement door, which is located at the rear of property. The door has low visibility from the street and neighbors which may be inviting to a criminal. According to the Washington Post (2008), “four percent of all burglaries occur by a criminal entering the basement”. Windows pose the largest threat of all access points. At the front of the house, the windows on the first floor are only four feet from the ground. The sun porch affixed to the front of the house has eight windows that are low to the ground that could be easily accessed if mistakenly left unlocked. At the rear of the house, there are seven windows that are low to the ground. Three of the windows are hidden from passerbies and are extremely easy to access. At the rear of the residence, there is a section of house with a low roof line that could be accessed by climbing upon the fence and then maneuvering onto the roof. Once upon the roof, there are two windows that could be accessed with low visibility from the street or neighbors. From a communication perspective, all of the incoming and outgoing lines are easily accessible by the average person. Anyone could shut the communication methods down with any type of cutting tool. From a lighting perspective, the front and east side of the residence is well lit. The south and west side of the residence has minimal lighting after sunset and could pose a threat.
Garage Description: The garage is 500 square foot structure that is situated on the southwest side of the main residence. The garage has two points of entry including the main garage door and a side man entrance. There are no windows installed within the garage at present time. The main garage door is equipped with an electric opener operated by a hand transmitter normally placed within a vehicle and a manual switch located within the garage. The standard man entrance is a metal entry door located on the southeast side of the garage. The standard man entrance has a standard entry lock accessible with a key. There is a light at each door, the switches on at dusk and switches off at dawn.
Garage Vulnerabilities: Given the entry to the garage is limited to two doors; a criminal would have a difficult time accessing the area without being seen. The only advantage a criminal would have with regard to gaining entrance to the garage is the lock on the man entry door doesn’t always catch when closed. An additional disadvantage would be that the property at the rear of the garage is secluded from direct visual contact by a privacy fence.
Storage Facility Description: The storage facility is approximately 250 square feet and is situated at the south end of the property. The storage facility is rather hidden from plain view due to overgrown shrubbery, trees, and flower gardens. The storage facility has one entry way and no windows to speak of. The storage facility is used to store the lawn equipment, outdoor furniture, and supplies. The entry point has a metal door and a standard key lock.
Storage Facility Vulnerabilities: The storage shed has very little vulnerability issues. Outside of being too close to a wooded area, the storage shed only has one door that is secured with an entry lock. The shed has a light above the door that would thwart would be criminals.

Similar Documents

Premium Essay

Security Assessment

...Security Assessment for JLJ Information Technology Group By John Jacobs Table of Contents Company Description 3 Management Controls 3 Operational Controls 4 Technical Controls 5 Concerns and Recommendations 6 Conclusion 7 References 8 Company Description JLJ Information Technology Group helps organizations of all sizes to successfully do business online. Their complete portfolio of technology services drives business effectiveness and profitability for many customers not only in the United States but also around the world. The breadth of their offering extends from helping small businesses build an online presence through to managing the complex technology environments of large enterprises and governments including Internet domain name services, critical web hosting, online brand protection and promotion, video content delivery, application development services, managed cloud and security services and more. JLJ IT Group’s culture of integrity, innovation, collaboration and customer centricity has been built by its large team of passionate professionals that have been delivering managed online services since 2001. The customers range from small businesses to Fortune 500 companies and internationally recognized government organizations. Here at JLJ IT Group they design, build and manage software enabled Cloud and Mobile Solutions for large Corporate and Government organizations...

Words: 2610 - Pages: 11

Premium Essay

Security Risk Assessment

...Executive summary The main purpose of a threat and risk assessment is to provide recommendations that maximize the protection of integrity, confidentiality and availability while still providing usability and functionality. Insider threat has become a serious information security issues within organizations. Best way to determine the answers to these questions a company or organization can perform a threat and risk assessment. This can be accomplished using either internal or external resources. It is quite important that the risk assessment should be a collaborative process. It is proven that involvement of the various organizational levels the assessment can lead to a ineffective and costly security measure. Introduction...

Words: 793 - Pages: 4

Premium Essay

Security Risk Assessment

...Security Risk Assessment Southern New Hampshire University Michael Hallin Security risk analysis, which is also known as risk assessment, is essential to the security of any company and benefits the overall business goal. It is vital in ensuring that controls and costs are fully equal with the risks to which the organization is exposed. Having a well laid plan for disaster recovery comes from a good risk analysis of a company. A company’s IT Business Manager and associated team must identify and assess the organizations assets and give them a value. A good IT risk assessment involves identifying what functions need to be reestablished first after a disaster or an attack to the system. Restoration to full operational capability is significantly enhanced when the company is prepared and has taken appropriate action prior to an emergency or disaster (Group, 2005). The steps to identifying IT risks in a company include: determining which of the company’s assets have the most value to the business, identifying the risks that are applicable to those assets. After the risks are identified, they need to be logically examined to see how likely the risk can occur. If the risk is likely to be a factor, then the companies must take action to mitigate those risks. An example of this would be the company’s exchange server, which in almost all companies is a priority 1 asset, also called an essential entity. A server always has a risk of crashing; an exchange server has databases...

Words: 902 - Pages: 4

Premium Essay

Security Assessment and Recommendations

...SE571 Course Project:  Security Assessment and Recommendations SE571 Course Project:  Security Assessment and Recommendations Charlie Furze Professor: Eddie Wachter SE571 Principles of Information Security and Privacy Keller Graduate School of Management July 24, 2015 Table of Contents Executive Summary 1 Company Overview 1 Security Vulnerabilities 3 A Hardware Example Title 3 A Software Example Title 4 Recommended Solutions 5 A Hardware Example Solution 6 A Software Example Solution 8 Impact on Business Processes 9 Budget 10 Summary 11 References 12 Executive Summary The executive summary can’t really be completed until the course project is completed. This is because the section should summarize BRIEFLY the entire paper. There should be one or two sentences about the purpose of the report, a one to two-sentence description of the company and then a quick summary of the two vulnerabilities and the two solutions that you have identified. Company Overview Here you should identify which of the two company scenarios you are using and briefly summarize the organizations products or services, and business processes. Two Security Vulnerabilities Software Vulnerability Remember, you need to choose only two vulnerabilities from the three categories: hardware, software and policy. It is recommended that you make them limited in scope and very specific. Also, before starting on this section, be sure you have a very clear...

Words: 1180 - Pages: 5

Premium Essay

Security Assessment and Recommendations

...SE571 Principles of Information Security and Privacy James Smikonis Week 3 Project March 18, 2012 Professor George Danilovics Security Assessment and Recommendations A report needs to be assessed for Aircraft Solutions. This report consists of a security assessment that exhibits all founding flaws in their system, as well as giving AS a report regarding their current infrastructure. Aircraft Solutions is a component fabrication and equipment company that delivers different architectural designs. One of their specialties is establishing communications and solutions to defense, commercial, aerospace industries. The employees at AS are fully qualified for the tasks they entail hence making their workforce more efficient and supplying outstanding service. The purpose of this assessment is to investigate the weaknesses that are presented in the operations of Aircraft Solutions (AS). While conducting this assessment, we will expose vulnerabilities; give an analysis of any relative threats, risks that will be addressed and a comprehensive analysis of the relative threats and consequences pertaining to this mission. Assessment and Investigation After carefully examining the three sections pertaining to Aircraft Solutions, we found that policy and hardware related issues require special attention. We found that Aircraft Solutions does not utilize any firewall between the commercial division and the Internet Gateway. In fact, we exhibited that the Department Defense routes...

Words: 907 - Pages: 4

Premium Essay

Security Risk Assessment Process

...Security Risk Assessment P1. Operational risk assessment is the process of determining what threats and vulnerability’s affect an organizations critical business processes. Operation risk assessment is a life cycle process that needs to be conducted often to determine if there are new threats and vulnerability’s to the organization. Without conducting a routine risk assessment an organization is left with exposure to hazards and accidents which lead to a loss. An operational risk assessment consist of risk identification, risk analysis and risk evaluation. The assessment is used to create a risk management policy which gives the best courses of action to mitigate from any threat and vulnerability’s. A risk is the possibility of a loss from exposure to a hazard by conducting an operational risk assessment the end result is to reduce the amount of risk to a project, equipment and personnel. Management are the ones who use risk management to minimize loss which reduces monetary loss and time for the organization. P4. The information assurance control procedures are the identification of assets, the classification of assets. The goals are to protect the confidentiality, integrity of availability of information by providing control measures. They are important because a company assets need to controlled due to so many exposures. The control procedures are used as a set of process and guidelines to ensure that an asset is classified correctly and given the correct level of protection...

Words: 1525 - Pages: 7

Free Essay

Company Security Assessment

...remained about the same. Over the last four months, Web server logs contained many http “Post” statements followed by the Website address of one the company’s main competitors. All of the post statements seemed to appear in the logs after new users would click “submit” to register. Based on the information that has been provided it seems that a competitor has been able to compromise the company’s network. This has allowed them to reroute network traffic from users that are attempting to register through the company’s portal to their competitor’s site. The next step in investigating the issue would be to complete an assessment of the network. A review of the traffic that is produced in and out of the company’s network is key to understand what is going on with the network. It is critical to select the appropriate personnel to make up the team that will oversee the security...

Words: 1289 - Pages: 6

Premium Essay

Security Assessment for Aircraft Solutions

...Security Assessment for Aircraft Solutions Table of Contents Executive Summary 3 Company Overview 3 Security Vulnerabilities 4 Hardware Vulnerability – Absence of a Firewall 4 Policy Vulnerability – Lack of Timely Updates 5 Recommended Solutions 6 A Hardware Solution 6 Impact on Business Processes 9 A Policy Solution 9 Impact on Business Processes 10 Summary 10 References 12 Executive Summary This report will seek to evaluate and address security weaknesses with the Aircraft Solutions company. As security weaknesses are pointed out relating to hardware and policy weaknesses, recommendations will be made to Aircraft Solutions to be examined and hopefully implemented to improve IT security operations. Aircraft Solutions, located in Southern California, recognized leader in the design and fabrication of component products and services for companies in the electronics, commercial, defense, and aerospace industry. In reviewing Aircraft Solutions and its operations, uncovered were security vulnerabilities. Two vulnerabilities that were evident were issues with a lack of firewalls and the current security policy in place that is reviewed only every two years. Recommendations have been made that made help to remedy these vulnerabilities through the use of virtualization and by changing the security policy to be evaluated semi-annually instead of every two...

Words: 2450 - Pages: 10

Premium Essay

Testing and Monitoring Security Controls & Security Audits and Assessments

...Testing and Monitoring Security Controls & Security Audits and Assessments Identify at least two types of security events and baseline anomalies that might indicate suspicious activity. * Authentication failures are one type of security event. A baseline anomalie that may indicate suspicious activity are unauthorized access attempts that can be found within log files. The log files contain records of all types of security events such as logon events, changes in system configuration and attempted violations of policy as well as system events like service startups and closures, errors and system warnings. * A second security event could be a sudden increase in overall traffic. It could simply mean that your website has been mentioned by a popular source, or it could mean that someone is trying to cause harm to your site. Given a list of policy violations and security breaches, select three breaches, and consider the best options for controlling and monitoring each incident. Identify the methods to mitigate risk and minimize exposure to threats or vulnerabilities. * Problem: Removable storage drives introduce malware filtered only when crossing the network. Solution: Limit user privileges that only include those that are required by the duties that are assigned to that individual. This will hopefully make it clear that no removable storage devices are to be connected to the network, no matter the circumstances unless they are screened first. * Problem: Predictable...

Words: 316 - Pages: 2

Free Essay

Security Assessment and Recommendations for Aircraft Solutions

...Security Assessment and Recommendations for Aircraft Solutions Principles of Information Security and Privacy Keller Submitted: December 11, 2013 Executive Summary The purpose of this report is to investigate the vulnerabilities of Aircraft Solutions (AS) in the areas of hardware and policy. Furthermore, it provides recommended solutions to the security weaknesses mentioned in Phase 1. Aircraft Solutions is a well known leader in the design and production of component products and services for companies ranging from commercial industry to the aerospace industry. In addition, Aircraft Solutions maintains a large capacity plant filled with an extensive variety of equipment, which is mostly automated alongside skilled specialists in a range of fields to ensure they meet their customers’ needs. The weaknesses that are being addressed are hardware and policy. Company Overview Aircraft Solutions is a leader in the planning and production of component products and services for companies in the electronics, commercial, defense, and aerospace industry. The headquarters of Aircraft Solutions is located in San Diego, California. The goal of Aircraft Solutions is to use machined products and related services to supply customer success, and to achieve cost, quality, and schedule requisites. They have a Defense Division (DD) of Aircraft Solutions located in Orange County, California and a Commercial Division (CD) located in San Diego County, California. Aircraft...

Words: 1560 - Pages: 7

Premium Essay

Nt1310 Unit 3 Security Assessment

...Link1: A Security Survey is a thorough physical examination of a facility and its operations with respect to personnel and company assets. We examine the risks these assets are exposed to, and review the measures that are in place to protect them and to mitigate liability. We identify vulnerabilities and make recommendations on how these can be improved. This can be relevant for new locations or existing facilities, particularly after a loss of incident has occurred. In all actuality, Security Assessment isn't a legitimate term! The vast majority relate "Security Assessment" with "Vulnerability Assessment" which is in reality only one part of a Security Audit. So what precisely is a Security Audit. A Security Audit is a broad and formal review...

Words: 865 - Pages: 4

Premium Essay

Itrust Database Software Security Assessment

...iTrust Database Software Security Assessment Security Champions Corporation (fictitious) Assessment for client Urgent Care Clinic (fictitious) Amy Wees, Brooks Rogalski, Kevin Zhang, Stephen Scaramuzzino and Timothy Root University of Maryland University College Author Note Amy Wees, Brooks Rogalski, Kevin Zhang, Stephen Scaramuzzino and Timothy Root, Department of Information and Technology Systems, University of Maryland University College. This research was not supported by any grants. Correspondence concerning this research paper should be sent to Amy Wees, Brooks Rogalski, Kevin Zhang, Stephen Scaramuzzino and Timothy Root, Department of Information and Technology Systems, University of Maryland University College, 3501 University Blvd. East, Adelphi, MD 20783. E-mail: acnwgirl@yahoo.com, rogalskibf@gmail.com, kzhang23@gmail.com, sscaramuzzino86@hotmail.com and Chad.Root@gmail.com Abstract The healthcare industry, taking in over $1.7 trillion dollars a year, has begun bringing itself into the technological era. Healthcare and the healthcare industry make up one of the most critical infrastructures in the world today and one of the most grandiose factors is the storage of information and data. Having to be the forerunner of technological advances, there are many changes taking place to streamline the copious amounts of information and data into something more manageable. One major change in the healthcare industry has been the implementation...

Words: 7637 - Pages: 31

Premium Essay

Applying Owasp to a Web Security Assessment

...Assessment Worksheet Applying OWASP to a Web Security Assessment Course Name and Number: _____________________________________________________ Student Name: ________________________________________________________________ Instructor Name: ______________________________________________________________ Lab Due Date: ________________________________________________________________ Overview In this lab, you explored the Open Web Application Security Project (OWASP) Web site and reviewed its Web application test methodology. You studied the standards and guides published by this project and summarized your findings. Finally, you drafted a Web Application Test Plan based on the information you gained in your OWASP research. Lab Assessment Questions & Answers 1. Identify the four recognized business functions and each security practice of OpenSAMM. 1) Governance 2) Construction 3) Verification 4) Deployment 2. Identify and describe the four maturity levels for security practices in SAMM. 1) Implicit starting point representing the activities in the Practice being unfulfilled 2) Initial understanding and ad hoc provision of Security Practice 3) Increase efficiency and/or effectiveness of the Security Practice 4) Comprehensive mastery of the Security Practice at scale 3. What are some activities an organization could perform for the security practice of Threat Assessment? Threat Assessment involves accurately identifying and characterizing potential attacks...

Words: 574 - Pages: 3

Premium Essay

Security Assessment

...Security Assessment Methodology and Tools for Conducting Security Assessment Footprinting and scanning an organization involves gathering information about the organization in both the passive and active forms. Active footprinting involves assessing the required information about the company through the website, while the passive footprinting is where one would find out the information directly with the organization through the customer care or from an employee of the organization. Security assessment of organizations is carried to identify the security issues such as the risks that the company is exposed to through the information is available from the company’s website or the customer care desk. For most organizations, important information about the company is stored in the company’s database through cloud computing of the website (Gupta, 2013). The existence of high risks in an organization requires the need for an intensive security assessment. In conducting the security assessment, the following tools and methodologies are used; Web Application Security Scanner The web application security scanner is a tool that is used by organizations in speeding up the process of identifying the web applications vulnerabilities. Company websites, for instance, are vulnerable to various risks that lead to loss or lack of privacy of the information saved in the company’s database. The tool thus, assists in identifying the vulnerabilities in the shortest time possible....

Words: 652 - Pages: 3

Premium Essay

Weaknesses Assignment Phase Ii- Security Assessment and Recommendations

...Running head: Security Assessment and Recommendations Week 6: Weaknesses Assignment Phase II- Security Assessment and Recommendations SE571 Principles of Information Security and Privacy Introduction Aircraft Solutions (AS) is a renowned equipment and component fabrication company with the capability to provide full range designs and implantation solutions to different sectors such as defense, aerospace, commercial and electronics industries. This paper discusses the possible recommendations based on the security assessment conducted in Phase 1, and proposes possible changes in order to ensure the safety of AS networks. The Company owns an enormous production plan which promises to deliver high quality solutions for targeted at various industries. It is equipped with a team of excellent and highly qualified professionals who cater to various needs of different industries. This paper intends to find possible solutions to bridge the gaps as found in the investigation in Phase 1. The weaknesses that are being addressed are the firewall configuration, virtualization of their hardware assets and defining and revisiting their security policy regarding firewall configuration and updated software at least twice a year. Brief overview of the Vulnerabilities in AS After a thorough investigation of the IT architecture and systems of the Aircraft Solutions, two main concerns were identified as the priority items that needed attention. The first was hardware related concern and was...

Words: 1692 - Pages: 7