Network Security Assessment Essay

3062 words - 13 pages


Network Security Assessment

Prepared for:
University of Maryland University College

Prepared by:
David Yurchak

I. Vulnerability Assessments
In the same way as other associations in the monetary administrations and different segments, agent merchants (firms) are the objective of digital assaults. The recurrence and complexity of these assaults are expanding, and individual intermediary merchants and the business, in general, must make reacting to these dangers a high need.
An assortment of components is driving this firms' presentation to digital security dangers. The interaction between advances in innovation, changes in the firms' plan of action, and changes ...view middle of the document...

Hazard appraisals serve as foundational devices for this firm to comprehend the cyber security dangers they confront over the scope of the company's exercises and resources regardless of the organization's size or plan of action. Below is a table with an analysis of the current network with risks and impact to the firm.
Risks
Impacts to business
Expected incidents per Year
Expected loss per Incident
Annual Loss Expectancy
Remediation Steps
Virus Infection
Range from time spent cleaning machines to rebuilding machines and loading backup data, and network outage
20
$10,000
$200,000
Gateway and Desktop AV
Worm Infection
Range from time spent cleaning machines to rebuilding machines and loading backup data, and network outage
5
$10,000
$50,000
Firewalls, patching, personal firewalls for laptops
Hack by Competitor
Loss of customer lists, and proprietary information
2
$20,000
$20,000
Firewalls, strong authentication
Intellectual property theft, or confidential disclosure insider
Loss of customer lists, and proprietary information
1
$20,000
$40,000
Strong authentication and access control software, audit logs, encryption
DoSA (Denial of Service Attack)
Loss of use of internet connection, and access to company website
1
$30,000
$30,000
Configured firewalls and routers, and countermeasures implemented by ISP, with sophisticated IPS systems

The firms’ network should be separated from the public Internet by strong user authentication mechanisms and policy enforcement systems such as firewalls and web filtering proxies. Extra observing and security arrangements, for example, antivirus programming and interruption detection frameworks, ought to likewise be utilized to recognize and stop malevolent code or unapproved access endeavors.
A prepared all-around staff is a vital guard against digital assaults. Indeed, even well-meaning staff can get to be incidental vectors for fruitful digital assaults through, for instance, the accidental downloading of malware. Powerful preparing aides diminish the probability that such assaults will be fruitful. A viable practice for firms is to set up and keep up an administration structure for the management of cybersecurity dangers and related controls fitting to the association's size, and the way its cyber security hazard presentation. The administration system ought to verbalize the parts and obligations of hierarchical units and people inside of those units.
As utilized as a part of this report, "Administration" and "administration structure" allude extensively to the foundation of "arrangements, techniques, and procedures to oversee and screen the association's administrative, lawful, hazard, natural, and operational prerequisites" in a design that is comprehended inside of the association and that illuminates its administration of cybersecurity danger.

II. Network/System Security Recommendations

A synopsis of key activities that are suggested for this firm is as per the...

Other Papers Like Network Security Assessment

Risk Assessment in Information Technology Essay

3280 words - 14 pages Risk Assessment in Information Technology Risk Assessment in Information Technology This paper will address risk assessment in Information Technology and discuss factors used to identify all kinds of risks in company network diagram. It will also assess the risk factors that are inclusive for the Company and give the assumptions related to the security data as well as regulatory issues surrounding risk assessment. In addressing the global

Network Security Essay

1846 words - 8 pages A 5 page paper on network security with 5 references NETWORK SECURITY Let us go back, twelve years. Where's Internet? Concentrated in the cables that connect the offices and cubicles of the American ministry of defense. Things were simple, and despite the sensitive nature of the data transferred no body talked about net work security, no body knew what was to follow. Some how a revolution was triggered, the information net burst out of its

Text Questions

534 words - 3 pages , applications, and network segments will use. The final step, cost assessment, gathers cost information for the network, usually through and RFP that specifies what equipment, software, and services are desired and asks vendors to provide their best prices. One of the keys to gaining acceptance by senior management of the network design lies in speaking management’s language, not the language of the technology. Question 6: Describe the key parts

technical paper

2818 words - 12 pages , Inc. security and network. This risk assessment provides a structured qualitative assessment of the operational environment. It addresses sensitivity, threats, vulnerabilities, risks and safeguards. The assessment recommends cost effective safeguards to mitigate threats and associated exploitable vulnerabilities. Safeguards are security features and controls that, when added to or included in the information technology environment, mitigate the

Incident-Response Policy

837 words - 4 pages incident and the response phases. The response phases would include defining roles and responsibilities, assessment of the incident, and procedures explaining in detail what actions taken during the incident. Although the incident was caused by a malicious program that used up the bandwidth, causing the computers and the network to slow down and eventually shutdown, this security policy will explain the set of actions that the company needs to

Applying Owasp to a Web Security Assessment

589 words - 3 pages Assessment Worksheet Applying OWASP to a Web Security Assessment Course Name and Number: _____________________________________________________ Student Name: ________________________________________________________________ Instructor Name: ______________________________________________________________ Lab Due Date: ________________________________________________________________ Overview In this lab, you explored the Open Web Application

Cyberlaw Tft Task 1

971 words - 4 pages procedures for creating new user account profiles. HIPPA requires that an Information Security Officer (ISO) must be assigned to the network account profiles. This appointed person(s) is usually the network or system security administrator of the organization. Once this role is assigned, the security administrator can create network profiles and assign the new user to such specified profile. The network profiles are implemented in accordance with

Riordan Security Assessment Week 5

3471 words - 14 pages SR-rm-013 Initial Physical, Network, and Web Security Assessment CGMT 441 26 November 2012 SR-rm-013 Initial Physical, Network, and Web Security Assessment Riordan Manufacturing is a global plastics manufacturer employing 550 people with projected annual earnings of $46 million. The company manufactures plastic beverage containers at its plant in Albany, Georgia, custom plastic parts at its plant in Pontiac, Michigan, and plastic fan

Vulnerability Assessment Penetration Analysis

972 words - 4 pages Vulnerability Assessment Penetration Analysis A. Memo For Record: IDS upgrade or replacement Summary of Events: The health care clinic’s network security appliance (combined router/firewall/wireless access point) was hacked and passwords were cracked. Configuration changes to this device opened the network to a Denial-of-Service (DoS) attack. The result of this attack prevented access to patient records and insurance claims as part

Net280-Wk1-Case Study

524 words - 3 pages In reference to recent concerns over issues with ping sweeps and port scans. There are several diagnostic test called network probes that are run by Network Administrators to check servers regarding a particular service or updates needed for workstations within the company. In order to guard against nefarious computer activity, special security measures are needed to keep out intruders. Here is a brief assessment in more detail of how ping

Cap Study Guide

5295 words - 22 pages maintained for an information system and in many organizations is assigned responsibility for the day-to-day security operations of a system? a. Information System Security officer 4. Who is responsible for conducting a comprehensive assessment of the management, operational, and technical security controls employed within or inherited by an information system to determine the overall effectiveness of the controls? a. system owner, and/or

Related Essays

Risk Consultant Essay

808 words - 4 pages ISSC 363 Risk Consultant 24 January 2016 Risk Consultant A risk assessment is a way to identify, evaluate, quantify, and prioritize risks (Gibson, 2011). They are primarily used to assess the overall security of a network from the eyes of an attacker in order to protect the network from intruders (Schmittling, n.d.). There are no regulations instructing organizations on how systems need to be controlled or

Mr Security Essay

3463 words - 14 pages VULNERABILITY ASSESSMENT WHITEPAPER Automating Vulnerability Assessment This paper describes how enterprises can more effectively assess and manage network vulnerabilities and reduce costs related to meeting regulatory requirements. Automated Vulnerability Assessment / Vulnerability Management (VA/VM) solutions are supplementing and in some cases replacing manual penetration testing with an overall improvement in network security without

It Communications Essay

1093 words - 5 pages (NIST, 2012). This Risk Assessment Report will evaluate the confidentiality, integrity, and availability of the Global Finance Inc. network architecture. Hezman Technologies will recommend security safeguards that will enable the Global Finance Inc. to make decisions about network security. Mission The overall mission of the Global Finance network is to host mission critical network systems. The network critical

Information Security Evaluation Essay

633 words - 3 pages ) Malware Defenses 6) Application Software Security 7) Wireless Device Control 8) Data Recovery Capability 9) Security Skills Assessment and Appropriate Training to Fill Gaps 10) Secure Configurations for Network Devices such as Firewalls, Routers, and Switches 11) Limitation and Control of Network Ports, Protocols, and Services 12) Controlled Use of Administrative Privileges 13) Boundary Defense 14) Maintenance, Monitoring, and