Microsoft Word - Exercise 2.docx Part A: Asset Threat and Vulnerability Identification on a Network Diagram (20 Marks)Benjamin Yankson, an Information Technology Security Manager for My-University,...

1 answer below »
please see attachment



Microsoft Word - Exercise 2.docx Part A: Asset Threat and Vulnerability Identification on a Network Diagram (20 Marks)Benjamin Yankson, an Information Technology Security Manager for My-University, contacted you on a matter relating to IS security risk facing his organization. Benjamin has recently begun to see signs that his security measures are not quite up to snuff (adequate). In the last six months, his company has been hit with several viruses, backup failures, and loss of rather expensive networking equipment. Benjamin feels that this situation warrants,bringing you an independent Information System Risk and Policy Specialistto help his organization begin the IS security risk evaluation. The objective of this case is to use the risk identification process established in Figure 1 to Identify or brainstorm about known vulnerabilities and threats specific to each asset in Figure 2. Figure 1. Information Systems Security Risk Identification Process Diagram As part of the initial document received, Benjamin provided you with a Network topology diagram (Figure 2). Using Figure 1, IS Security Risk Identification Process Diagram, conduct a Risk Identification based on the organization’s network diagram Figure 2. Present your answer using a table format. For each asset in Figure 2, identify at minimum one vulnerability,and specify one threat that has a probability to exploit it. (Note: For the purpose of this assignment, you can consider all servers as one) Figure 2. Network TopologyTable 1. This table is a sample Table for Asset, Threat, and Vulnerability Identification. Asset Name Vulnerability Threat *The
Answered Same DayFeb 25, 2021

Answer To: Microsoft Word - Exercise 2.docx Part A: Asset Threat and Vulnerability Identification on a Network...

Neha answered on Feb 26 2021
151 Votes
Asset
    Vulnerability
    Threat
    Firewall
    The firewall can be penetrated by the person who has access to it. The person is able to enter through its security and a
ttack system. He is able to bypass the perimeter firewall and will have entrusted access to internal system.
    If network is having outdated firewall, then they are not effective enough to keep it secure. Generally, the passwords are also difficult to remember. This leads to the temptation of easy passwords or worse case is to have default with factory settings.
    Router
    Currently the router is not configured properly, and it is exposed to the administrator interface. It is exposed to the untrusted network without any reason. This type of behaviour is very common when we are having external penetration test further teams to find out the HTTP, https or SSH which are exposed to the user over the Internet. All these services are generally vulnerable to the different types of attacks like traffic interception, password guessing and also the authentication bypass.
    if the attacker is able to get access of the device then they can also grant themselves complete access for the other segments of the network, upload firmware image which is customised for the router and then it will copy the whole traffic and it will be forwarded to the host which is controlled by the attacker or even they can reconfigure it to create denial of service condition for the network. Most of the routers are not familiar with automatic update facility or they do not have the incremental patching ability, so it is important to have full firmware image and apply it to the device.
    MAIL...
SOLUTION.PDF

Answer To This Question Is Available To Download

Related Questions & Answers

More Questions »

Submit New Assignment

Copy and Paste Your Assignment Here