Risks, Threats, & Vulnerabilities to COBIT P09 Risk Management Controls 1. a. Unauthorized access from public internet - HIGH b. User destroys data in application and deletes all files - LOW c. Workstation OS has a known software vulnerability – HIGH d. Communication circuit outages - MEDIUM e. User inserts CD’s and USB hard drives with personal photos, music and videos on organization owned computers - MEDIUM 2. a. PO9.3 Event Identification – Identify threats with
Words: 934 - Pages: 4
outline an Acceptable Use policy, Internet Use policy, Security policy, and acceptable conduct policy for its employees that is supposed to be required reading. Like with any law, in cyber security there are always law-breakers waiting for the chance to exploit a weak firewall, a patch in the system, or a careless employee who leaves login information open for the wrong eyes to see. For this reason government and private sector alike must constantly update security measures and do thorough investigations
Words: 2222 - Pages: 9
Aircraft Solution (AS) Company Ali Hassan Submitted to: John Michalek SEC571 Principles of Information Security and Privacy Keller Graduate School of Management Submitted: April 21, 2013 Table of Contents Company Overview ……………………………………………1 Company Assets ………………………………………………..1 Vulnerabilities ………………………………………………….2 Hardware Vulnerability………………………………….......2 Policy Vulnerability …………………………..……………..3 Recommended Solutions…………………………………….... 5 Hardware Solutions
Words: 4091 - Pages: 17
Into To security Project Part 1: Multi-Layered Security Plan: As part of my report, below is my outline for Richman Investments Multi-Layered Security Plan: User Domains: Since Users can access systems, applications and data depending on their roles and rights, an employee must conform to the staff manual and policies also known as the Acceptable Use Policy (AUP). The department manager or human resources manager is usually in charge of making sure that employee and in certain
Words: 727 - Pages: 3
or what is the Threat Actor? What is the Threat Action? Please describe the difference between the two as well. Threat actor is a group using Hydraq (Aroura) Trojan horse they were named Elderwood gang Threat action happen when the attackers used nearly a dozen pieces of malware and several levels of encryption to burrow deeply into the bowels of company networks and infrastructure In simple way, we can say that threat actor is the person who does the attack while the threat action is how this
Words: 671 - Pages: 3
AIRCRAFT SOLUTIONS AIRCRAFT SOLUTIONS Keller Graduate School of Management SEC 571 Principles of Information Security and Privacy Abstract An assessment of Aircraft Solutions (AS) as to what Security Vulnerabilities that might be found, two areas discussed are Hardware & Policy weakness and impact. Table of Contents Executive Summary 1 Company Overview 1 Security Vulnerabilities 2 Hardware Vulnerability …………………………………………………..…….....2 Policy Vulnerability………………………………………………………………
Words: 1902 - Pages: 8
1 ENC1102 CMB Final Research Proposal Introduction and Articulation of Problem or Topic: I selected a Cyber Security topic because it is a big concern for me how my information (the data) is stored online. This is a topic that everybody worries about because nobody knows where the cloud is or who has access to it. It seems to me that every week there are new headlines about hackers bringing an organization to its knees by doing things such as stolen funds, bad publicity, and embarrassing
Words: 2159 - Pages: 9
SULLIVAN UNIVERSITY | Cyber Security | | Patrice Brockington | 4/20/2013 | | Cyber Security The security of online files, applications, documents, consumer information, and organization information are just some of the valued items that need to be secure from cyber threats. Companies and organization that utilize the internet to conduct business know all too well the importance of securing the information and any and all information of those that they do business with. Having some
Words: 645 - Pages: 3
The history of the Internet begins in Oct 4, 1957 with the launch of Spunik and the start of the Space Race. America’s response to the launch of Spunik was to pour money into the research and development of high tech projects and the establishment of the Advanced Research Project Agency (ARPA). ARPA developed the ARPANET, computer-to-computer communication through packet switching networks. In 1969, the first “package switch” interface message processor allowed two computers to “talk” with each
Words: 762 - Pages: 4
that calls also for the installation of Voice-Over-Internet-Protocol (VOIP), and the design of a high-speed Wide Area Network (WAN) that will enable Packet Filters (PF), or firewalls to connects three other hospitals with Patton-Fuller. Lastly, Duvv Enterprises will implement the following three processes: the first process will identify the hardware and software needed to secure Patton-Fuller’s choice of networks against all electronic threats. The second process will distinguish
Words: 2183 - Pages: 9
