Preliminary Security Assessment
u04a1 Preliminary Security Assessment
TS5311 Enterprise Security February 3, 2013
Introduction The number one responsibility of the Information Assurance/Network Security Officer(s) is to maintain the best security posture for the network that is possible. This task also means that the confidentiality, availability and integrity of the system are maintained. One of the first steps towards this is to perform an assessment of the potential issues with all areas of the network. A preliminary security assessment will begin the task of identifying a list of vulnerabilities (weaknesses and flaws) that could possibly be exploited by a threat (Develop, n.d.). Vulnerability analysis can encompass the following five security control areas: * Technical – hardware, software, system architecture, and modes of communication * Operational – procedures performed with respect to the network * Administrative – administrative procedures that affect the network * Physical – the physical layout and the access to the facilities and areas where network related systems are housed * Personnel – policy, process, and procedures as related to staff having access to the system (Develop, n.d.)
Analyzing The Infrastructure An initial task in a security assessment will focus on the basic hardware, software, and network of the system, also known as the infrastructure. Identifying types of hardware and software will dictate a large part of the requirements necessary to protect the environment. Also, a thorough analysis of the hardware will help in identifying what exists where. This information can be used for planning for replacement (Chapter, 2003). The infrastructure consists of approximately 4000 workstations, several hundred servers, a large number of switches and routers scattered between approximately 20 buildings located across approximately 10 miles of
TS5311 Enterprise Security February 3, 2013
Introduction The number one responsibility of the Information Assurance/Network Security Officer(s) is to maintain the best security posture for the network that is possible. This task also means that the confidentiality, availability and integrity of the system are maintained. One of the first steps towards this is to perform an assessment of the potential issues with all areas of the network. A preliminary security assessment will begin the task of identifying a list of vulnerabilities (weaknesses and flaws) that could possibly be exploited by a threat (Develop, n.d.). Vulnerability analysis can encompass the following five security control areas: * Technical – hardware, software, system architecture, and modes of communication * Operational – procedures performed with respect to the network * Administrative – administrative procedures that affect the network * Physical – the physical layout and the access to the facilities and areas where network related systems are housed * Personnel – policy, process, and procedures as related to staff having access to the system (Develop, n.d.)
Analyzing The Infrastructure An initial task in a security assessment will focus on the basic hardware, software, and network of the system, also known as the infrastructure. Identifying types of hardware and software will dictate a large part of the requirements necessary to protect the environment. Also, a thorough analysis of the hardware will help in identifying what exists where. This information can be used for planning for replacement (Chapter, 2003). The infrastructure consists of approximately 4000 workstations, several hundred servers, a large number of switches and routers scattered between approximately 20 buildings located across approximately 10 miles of
References: Sarrel, M. (2003, December 30). Network Security: Know Your Weaknesses | Roundup | PCMag.com . Technology Product Reviews, News, Prices & Downloads | PCMag.com | PC Magazine. Retrieved January 30, 2013, from http://www.pcmag.com/article2/0,2817,140