u04a1 Preliminary Security Assessment
February 3, 2013
The number one responsibility of the Information Assurance/Network Security Officer(s) is to maintain the best possible security posture for the network. This task also means that the confidentiality, availability and integrity of the system are maintained. One of the first steps toward this is to perform an assessment of the potential issues in all areas of the network. A preliminary security assessment begins the task of identifying a list of vulnerabilities (weaknesses and flaws) that could possibly be exploited by a threat (Develop, n.d.).
Vulnerability analysis can encompass the following five security control areas:
* Technical – hardware, software, system architecture, and modes of communication
* Operational – procedures performed with respect to the network
* Administrative – administrative procedures that affect the network
* Physical – the physical layout and the access to the facilities and areas where network related systems are housed
* Personnel – policy, process, and procedures as related to staff having access to the system (Develop, n.d.)
Analyzing The Infrastructure
An initial task in a security assessment will focus on the basic hardware, software, and network of the system, also known as the infrastructure. Identifying types of hardware and software will dictate a large part of the requirements necessary to protect the environment. Also, a thorough analysis of the hardware will help in identifying what exists where. This information can be used for planning for replacement (Chapter, 2003).
The infrastructure consists of approximately 4000 workstations, several hundred servers, and a large number of switches and routers scattered between approximately 20 buildings located across approximately 10 miles of government property on a secure government installation. While this large number of systems would seem to pose a huge problem in sheer numbers alone, the government's purchasing system means that most of the workstations come from a single manufacturer (Dell) and run the Microsoft Windows operating system. Close to 90% of the systems are of this makeup. The other 10% is mainly Dell systems running RedHat Linux, along with a few Apple OS machines.
This reliance (mainly) on a single manufacturer and OS can cause problems. With such a large homogeneous infrastructure, it would be easy for an attack to gain a foothold if a single precaution is not followed (Hietala, 2004). However, following local policies and the several DoD regulations is a little easier because of this. The RedHat and Mac OS systems have additional policies to maintain a secure profile.
All servers are administered by the domain system administrators, and a large percentage of them are maintained in dedicated building space specifically designed to house central hardware. All network devices are similarly protected. There are a few project-specific servers that are also administered by a local system administrator. This is normally to accommodate specific tasks that require dedicated support. These servers are still maintained by the domain and meet all security profiles or have documented mitigating procedures in place.
All hardware security includes protection from theft and damage. When designed for a multi-machine server room, the following characteristics should apply:
* Allocate dedicated space
* Require controlled access (key cards, cypher lock, etc.)
* Provide fire protection
* Maintain proper temperature and humidity
* Provide adequate electrical power
* Provide for proper ventilation (Chapter, 2003)
It is not enough to state security objectives; they must be published to provide to all of the users the organization’s...