Identifying Risks, Response, and Recovery

Running Head: IDENTIFYING RISKS, RESPONSE, AND RECOVERY 1

Identifying Risks, Response, and Recovery
Amy E. Moody
Strayer University
CIS333
Professor Williams

I previously identified several types of attacks, threats and vulnerabilities that exist within your multilayered network. I have now been charged with developing a strategy to deal with these risks, as well as a plan to mitigate each risk and reduce the impact that each will have on your organization. Your firewall, which is your first line of defense, is susceptible to two common types of attacks. First, there are attacks against the firewall itself, in which the attacker aims to take control of the firewall's functionality and then launch a DoS attack. The second type is an attack on the LAN side of the firewall. These attacks circumvent the rules and policies of the firewall to gain access to the devices that the firewall is supposed to protect. The largest vulnerability that exists with firewalls is improper configuration settings. These can lead to security holes that allow unauthorized access from both outside and within your network. All of the aforementioned attacks, threats and vulnerabilities can be mitigated and/or avoided altogether.
There are several keys to ensuring that your firewall is as secure as possible. Use a VPN for all non-public traffic. Ports on your firewall should only be open for services that are utilized by the public. Because most people have dynamic IP addresses, your firewall has to constantly open ports and modify its rules to allow access; this can lead to ports being left open and vulnerable to attacks. Limit the size of your network. Simply put, if you don’t need it, turn it off. If your servers are not running a service that is used by the public, don’t allow it



