Information Security Risk Analysis
Top Five Threats to the Server

| # | Threat | Description | Likelihood of Occurrence | Severity of Impact | Controllability |
|---|--------|-------------|--------------------------|--------------------|-----------------|
| 1 | Denial of Service | Disruption of service to users. | High | High | Medium |
| 2 | Malware | Software used to gain access to computer system, gather sensitive information, or disrupt computer operations. | High | Medium | High |
| 3 | Principle of “Least Privilege” | Ensuring users have only the needed privileges for their job functions. | Low | High | High |
| 4 | Brute Force Attacks | Attempts to guess the password to a system. | High | Medium | High |
| 5 | Buffer Overflow | An anomaly where a program, while writing data to a buffer, overwrites memory. | Low | High | Medium |

Server Threat Likelihood of Occurrence and Protection Recommendations
This section describes the likelihood of threats to the server mentioned above and recommended preventative controls.
1. Denial of Service attacks are attacks where the objective is to bring down the server and render its services unavailable to others. This can be done with ping attacks and SYN flood attacks.
To prevent these DoS attacks, make sure you are running an IPS on your network or that your hosting provider has one. An IPS can detect when a SYN flood is happening and block the connections from the malicious machine. It can also detect when more requests than usual are being made to your network and reroute the traffic. If a DoS attack is already taking place, it is best to contact the ISP to have communications directed towards your server blocked.
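The SYN flood detection described above can be illustrated by counting half-open connections per source. This is an added example, not part of the original analysis; the event format, the 5-second window, the threshold of 20 and the documentation-range IP addresses are all assumptions chosen for illustration.

```python
from collections import defaultdict, deque


def detect_syn_flood(events, window=5.0, threshold=20):
    """Flag sources holding more than `threshold` unanswered SYNs within `window` seconds.

    events: iterable of (timestamp, source_ip, flag) sorted by time,
            where flag is "SYN" (handshake opened) or "ACK" (handshake completed).
    Returns {source_ip: timestamp of the first alert}.
    """
    pending = defaultdict(deque)   # source -> timestamps of SYNs not yet completed
    alerts = {}
    for ts, src, flag in events:
        q = pending[src]
        # Drop half-open entries that have aged out of the observation window.
        while q and ts - q[0] > window:
            q.popleft()
        if flag == "SYN":
            q.append(ts)
        elif flag == "ACK" and q:
            q.popleft()            # handshake completed, no longer half-open
        if len(q) > threshold and src not in alerts:
            alerts[src] = ts       # this is where an IPS would block the source
    return alerts


def build_sample_events():
    """Constructed traffic: one well-behaved client and one source that never ACKs."""
    events = []
    for i in range(10):            # 198.51.100.10 completes every handshake
        events.append((float(i), "198.51.100.10", "SYN"))
        events.append((i + 0.05, "198.51.100.10", "ACK"))
    for i in range(100):           # 203.0.113.7 sends 50 SYNs per second, no ACKs
        events.append((2.0 + i * 0.02, "203.0.113.7", "SYN"))
    return sorted(events)


if __name__ == "__main__":
    for src, ts in detect_syn_flood(build_sample_events()).items():
        print(f"block {src}: half-open threshold exceeded at t={ts:.2f}s")
```

A per-source count only catches floods from a single address; when source addresses are spoofed, the same counter kept across all sources is the signal to watch.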
2. Malware is software used to gain access to computer systems. It can be used to gather sensitive information and disrupt computer operations. Malware is easy to obtain, and allowing it onto the server can cause a great deal of damage to publicly available services.
To help prevent Malware from