Free Essay

Unit 1 Assignment 1 Is3110

In:

Submitted By alonsolr28
Words 361
Pages 2
For YieldMore Executives, We here in your IT department have recently audited our infrastructure for our company’s network. Upon the review we did find several threats and vulnerabilities. First off is the fact we do not have a backup system in place for any natural disaster to our headquarters. This is an exploit found in the systems and application domain that can cripple our whole company. A second system found in one of the production center could be able to be installed in case of said disaster to our corporate headquarters. Our second issue is the possibility of our sales force using their own computers to remote access into our network. There could be malware installed in their hardware at home and can be sent to our network to infiltrate our system. Good practice to this is to supply company laptop to sales and have restrictions to known websites with malware downloads to help avoid infections and malware to our system. This area is on the remote access domain and needs to be looked at on a constant basis. The third issue would be in the user domain. Any terminated or disgruntled employee can load issues to our system and need to be expelled from our system as soon as they are gone from the company. A fourth issue would be password safety. We must assume that passwords are not secure since most of our labor is found outside of our three building units. A policy to have the user change his or her password on a frequent basis will in fact keep this risk down but it is not full proof. This is another issue with the user domain that needs attention on a regular basis. Lastly and a major issue is the lack of a firewall in our production centers. They are subject to any attack from an external source. This is a risk toward our system and application domain and needs to address ASAP. Adding firewalls to a building should be examined and thought of since we are going to have at least one backup located in the centers as stated in previous risk areas stated above.

Similar Documents

Premium Essay

Test

...Courses Technical Courses BSISS Project The following diagram demonstrates how this course fits in the program:    IS4799 NT2799 IS4670 ISC Capstone Project Capstone ProjectCybercrime Forensics NSA    NT2580 NT2670  Introduction to  Information Security IS4680 IS4560 NT2580 NT2670 Email and Web Services Hacking and Introduction to  Security Auditing for Compliance Countermeasures Information Security Email and Web Services      NT1230 NT1330 Client-Server Client-Server  Networking I Networking II  IS3230 IS3350 NT1230 NT1330  Issues Client-Server Client-Server  SecurityContext in Legal Access Security Networking I Networking II   NT1110  NT1210 Structure and Introduction to  ComputerLogic Networking    IS3120 IS3110 NT1210 Network  Risk Management in Introduction to General Education / General Studies NT2580 NT2799 Communications Information Technology Introduction to Information Security NSANetworking Capstone Project IS4550 NT2640 Security Policies and Implementation IP NT2640 Networking IP Networking PT2520...

Words: 2305 - Pages: 10

Premium Essay

Informative

...Credit hours: 4.5 Contact/Instructional hours: 60 (30 Theory, 30 Lab) Prerequisite: IS3110 Risk Management in Information Technology Security or equivalent Corequisite: None Table of Contents Course Overview 5 Course Summary 5 Critical Considerations 5 Instructional Resources 6 Required Resources 6 Additional Resources 6 Course Management 8 Technical Requirements 8 Test Administration and Processing 8 Replacement of Learning Assignments 9 Communication and Student Support 9 Academic Integrity 10 Grading 11 Course Delivery 13 Instructional Approach 13 Methodology 13 Facilitation Strategies 14 Unit Plans 15 Unit 1: Information Security Policy Management 15 Unit 2: Risk Mitigation and Business Support Processes 25 Unit 3: Policies, Standards, Procedures, and Guidelines 33 Unit 4: Information Systems Security Policy Framework 42 Unit 5: User Policies 50 Unit 6: IT Infrastructure Security Policies 58 Unit 7: Risk Management 66 Unit 8: Incident Response Team Policies 74 Unit 9: Implementing and Maintaining an IT Security Policy Framework 83 Unit 10: Automated Policy Compliance Systems 90 Unit 11: Course Review and Final Examination 97 Course Support Tools 101 Evaluation of Student Learning 102 STUDENT COPY 103 Graded Assignment Requirements 104 Unit 1 Discussion 1: Importance of Security Policies 105 Unit 1 Assignment 1: Security Policies Overcoming Business...

Words: 18421 - Pages: 74