Technical Paper
center23002311409410012100center818008227695Goodman, Jeremy
Yaw Frimpong, Ph.D.CIS 502 Theories of Security Management
September 1, 2014
941009200Goodman, Jeremy
Yaw Frimpong, Ph.D.CIS 502 Theories of Security Management
September 1, 2014 center700007040880Abstract Risk Assessment for Global Finance, Inc. Network.
9410010000Abstract
Risk Assessment for Global Finance, Inc. Network.
-5715003009900Week 10 Technical PaperRisk Assessment
036300Week 10 Technical PaperRisk Assessment
Introduction
Global Finance, Inc. (GFI) is a hypothetical company, which has grown rapidly over the past year. GFI has invested in its network and designed it to be fault tolerant and resilient from any network failures. However, although the company’s financial status has matured and its network has expanded at a rapid pace, its overall network security posture has not kept up with the company growth. The trusted computing base (TCB) internal network within the Global Finance, Inc. Network Diagram hosts the company’s mission critical systems that are vital to the company’s operations that also affect the overall financial situation. The most vital application servers is the company is their Oracle database and email system. GFI cannot afford system or network outages, as its cash flow and financial systems heavily depend on the network stability and availability. GFI has recently experienced multiple network attacks resulting in a total estimated loss at more than $1,000,000.
Risk Assessment Purpose
The purpose of this risk assessment is to evaluate the adequacy of the Global Finance, Inc. security and network. This risk assessment provides a structured qualitative assessment of the operational environment. It addresses sensitivity, threats, vulnerabilities, risks and safeguards. The assessment recommends cost effective safeguards to mitigate threats and associated exploitable vulnerabilities. Safeguards are security features and controls that, when added to or included
Yaw Frimpong, Ph.D.CIS 502 Theories of Security Management
September 1, 2014
941009200Goodman, Jeremy
Yaw Frimpong, Ph.D.CIS 502 Theories of Security Management
September 1, 2014 center700007040880Abstract Risk Assessment for Global Finance, Inc. Network.
9410010000Abstract
Risk Assessment for Global Finance, Inc. Network.
-5715003009900Week 10 Technical PaperRisk Assessment
036300Week 10 Technical PaperRisk Assessment
Introduction
Global Finance, Inc. (GFI) is a hypothetical company, which has grown rapidly over the past year. GFI has invested in its network and designed it to be fault tolerant and resilient from any network failures. However, although the company’s financial status has matured and its network has expanded at a rapid pace, its overall network security posture has not kept up with the company growth. The trusted computing base (TCB) internal network within the Global Finance, Inc. Network Diagram hosts the company’s mission critical systems that are vital to the company’s operations that also affect the overall financial situation. The most vital application servers is the company is their Oracle database and email system. GFI cannot afford system or network outages, as its cash flow and financial systems heavily depend on the network stability and availability. GFI has recently experienced multiple network attacks resulting in a total estimated loss at more than $1,000,000.
Risk Assessment Purpose
The purpose of this risk assessment is to evaluate the adequacy of the Global Finance, Inc. security and network. This risk assessment provides a structured qualitative assessment of the operational environment. It addresses sensitivity, threats, vulnerabilities, risks and safeguards. The assessment recommends cost effective safeguards to mitigate threats and associated exploitable vulnerabilities. Safeguards are security features and controls that, when added to or included
References: BIBLIOGRAPHY Gregory, P. (2009). CISSP Guide to Security Essentials. Cengage Learning. Lin, C. (2005, September). PSTN (public switched telephone network). Retrieved from TechTarget: http://searchnetworking.techtarget.com/definition/PSTN Network Computing. (2012, March 22). Flat Network Strength Also A Security Weakness. Retrieved from Information Week Network Computing: http://www.networkcomputing.com/networking/flat-network-strength-also-a-security-weakness/d/d-id/1233495? Olzak, T. (2012, April 18). VLAN Network Segmentation and Security. Retrieved from Infosec: http://resources.infosecinstitute.com/vlan-network-chapter-5/ Oppliger, R. (1997, May). Internet security: firewalls and beyond. Communication of the ACM Volume 40 Issue 5, pp. 92-100. Shelly, G., & Rosenblatt, H. J. (2011). Systems Analysis and Design, Ninth Edition. Cengage Learning.