Technical Paper

Topics: Virtual private network, Computer network, Access control Pages: 5 (2659 words) Published: October 30, 2014

center23002311409410012100center818008227695Goodman, Jeremy
Yaw Frimpong, Ph.D.CIS 502 Theories of Security Management
September 1, 2014
941009200Goodman, Jeremy
Yaw Frimpong, Ph.D.CIS 502 Theories of Security Management
September 1, 2014
center700007040880Abstract
Risk Assessment for Global Finance, Inc. Network.
9410010000Abstract
Risk Assessment for Global Finance, Inc. Network.

-5715003009900Week 10 Technical PaperRisk Assessment
036300Week 10 Technical PaperRisk Assessment
Introduction
Global Finance, Inc. (GFI) is a hypothetical company, which has grown rapidly over the past year. GFI has invested in its network and designed it to be fault tolerant and resilient from any network failures. However, although the company’s financial status has matured and its network has expanded at a rapid pace, its overall network security posture has not kept up with the company growth. The trusted computing base (TCB) internal network within the Global Finance, Inc. Network Diagram hosts the company’s mission critical systems that are vital to the company’s operations that also affect the overall financial situation. The most vital application servers is the company is their Oracle database and email system. GFI cannot afford system or network outages, as its cash flow and financial systems heavily depend on the network stability and availability. GFI has recently experienced multiple network attacks resulting in a total estimated loss at more than $1,000,000. Risk Assessment Purpose

The purpose of this risk assessment is to evaluate the adequacy of the Global Finance, Inc. security and network. This risk assessment provides a structured qualitative assessment of the operational environment. It addresses sensitivity, threats, vulnerabilities, risks and safeguards. The assessment recommends cost effective safeguards to mitigate threats and associated exploitable vulnerabilities. Safeguards are security features and controls that, when added to or included in the information technology environment, mitigate the risk associated with the operation to manageable levels. A complete discussion of the vulnerabilities and recommended safeguards are found in this report. Risk Assessment Scope

The scope of this risk assessment assessed Global Finance, Inc.’s use of resources and controls, implemented or planned, to eliminate and or manage vulnerabilities exploitable by internal and external threats to the GFI system. This Risk Assessment Report evaluates the confidentiality (protection from unauthorized disclosure of system data and information), integrity (protection from improper modification of information), and availability (loss of system access) of the GFI system. Recommended security safeguards will allow management to make decisions about security related initiatives. If the safeguards recommended in this risk assessment are not implemented and the GFI network is exploited, these vulnerabilities could result in: Unauthorized disclosure of data and sensitive information

Unauthorized modification or destruction of the system, its data, or both Denial of service, access to data, or both to authorized users who require access to this information on a frequent basis. Loss of network stability and availability

Loss in reputation and customer confidence
System Environment
Global Finance, Inc. uses a highly resilient flat network architecture for its network infrastructure. A flat network is a computer network design approach that aims to reduce cost, maintenance and administration. Flat networks are designed to reduce the number of routers and switches on a computer network by connecting the devices to a single switch instead of separate switches, or by using network hubs rather than switches to connect devices to each other. The topology of a flat network is not segmented or separated into different broadcast areas by using routers and switches CITATION Net12 \l 1033 (Network Computing, 2012). Remote dial up users...

References: BIBLIOGRAPHY Gregory, P. (2009). CISSP Guide to Security Essentials. Cengage Learning.
Lin, C. (2005, September). PSTN (public switched telephone network). Retrieved from TechTarget: http://searchnetworking.techtarget.com/definition/PSTN
Network Computing. (2012, March 22). Flat Network Strength Also A Security Weakness. Retrieved from Information Week Network Computing: http://www.networkcomputing.com/networking/flat-network-strength-also-a-security-weakness/d/d-id/1233495?
Olzak, T. (2012, April 18). VLAN Network Segmentation and Security. Retrieved from Infosec: http://resources.infosecinstitute.com/vlan-network-chapter-5/
Oppliger, R. (1997, May). Internet security: firewalls and beyond. Communication of the ACM Volume 40 Issue 5, pp. 92-100.
Shelly, G., & Rosenblatt, H. J. (2011). Systems Analysis and Design, Ninth Edition. Cengage Learning.
Continue Reading

Please join StudyMode to read the full document

You May Also Find These Documents Helpful

  • Enzymes and Paper
  • School Papers
  • Banana Paper
  • Paper Flower
  • Ancient Paper
  • Pushing Papers
  • Research Paper
  • Paper Charcoal

Become a StudyMode Member

Sign Up - It's Free