Regional Bank under GLBA compliance law.
A. Unauthorized access from the public internet. (Remote Access 1)
B. User destroys data in application and deletes all files. (User Domain 1)
C. Hacker penetrates your IT infrastructure and gains access to your internal network. (LAN Domain 1)
D. Intra-office employee romance gone bad. (User Domain 3)
E. Fire destroys primary data center. (Systems/Application 2)
F. Service provider SLA is not achieved. (WAN Domain 3)
G. Workstation OS has known software vulnerability. (Workstation 2)
H. Unauthorized access to organization-owned workstations. (Workstation 1)
I. Loss of production data. (Systems/Application 3)
J. Denial of service attack on organization DMZ and e-mail server. (Systems/Application 2)
K. Remote communications from home office. (Remote Access 3)
L. LAN server OS has a known software vulnerability. (LAN Domain 2)
M. User downloads and clicks on an unknown. (User Domain 2)
N. Workstation browser has software vulnerability. (Workstation 2)
O. Mobile employee needs secure browser access to sales order entry system. (Remote Access 3)
P. Service provider has a major network outage. (WAN Domain 3)
Q. Weak ingress/egress traffic filtering degrades performance. (LAN to WAN 3)
R. User inserts CDs and USB hard drives with personal photos, music, and videos on organization-owned computer. (User Domain 3)
S. VPN tunneling between remote computer and ingress/egress router is needed. (LAN to WAN)
T. WLAN access points are needed for LAN connectivity within a warehouse. (LAN Domain 3)
U. Need to prevent eavesdropping on WLAN due to customer privacy data access. (LAN Domain 1)
V. DoS/DDoS attack from the WAN/Internet. (WAN 1)
Risk Impacts.
User Domain (4) B, 1: M, 2: R, 3: D, 3
Workstation Domain (3) H, 1: G, 2: N, 2
LAN Domain (4) C, 1: U, 1: L, 2: T, 3
LAN to WAN (2) S, 3: Q, 3
WAN Domain (3) V, 1: P, 3: F, 3
Remote Access (3) A, 1: K, 3: O, 3
Systems/Application (3) E,