Question
The following are common threats or vulnerabilities in each domain of a typical IT infrastructure. Pick two situations and consider the scope of the threat or vulnerability. What is at risk? What is affected? How might the threat or vulnerability lead to an attack? Then discuss countermeasures that can prevent security issues.
User Domain: Weak account passwords
Workstation Domain: Company laptops contain sensitive data
LAN Domain: Spam emails
LAN-to-WAN Domain: File transfer protocol (FTP) used to transmit data
WAN Domain: Wide area network (WAN) gateway open to any connections
Remote Access Domain: Weak endpoint security on virtual private network (VPN) clients
System/Application Domain: An unpatched server operating system
Explanation / Answer
Critical Infrastructure is classified as a National Concern [3] because of its scope and its importance to the nation. Identification of the Critical Infrastructure may differ between countries. The US government identified 14 areas or Infrastructures that required protection from threats. This infrastructure is so important because it provides goods and services that make a great contribution to the economy and national defense. The survivability, reliability and resiliency of the systems identified as critical infrastructure allow the people to maintain a sense of confidence in their country and themselves. The National Strategy for Homeland Security has identified these 14 areas as: Agriculture & Food, Water, Public Health, Emergency Services, Government, Defense Industrial Base, Information and Telecommunications, Banking and Finance, Energy, Transportation, Chemical Industry and Hazardous Materials, Postal and Shipping, National monuments and icons, and Critical Manufacturing.
Keeping the infrastructure security posture up-to-date, scanning the infrastructure for identification of new issues or vulnerabilities that could potentially lead to a security compromise, taking corrective measures in case of a likely compromise, effectively managing infrastructure that inherently is risk prone and delivering a fast response in case of compromise are essential characteristics of the TVM function. DSF pays careful attention to this discipline as this function can stimulate dynamism in an organization’s security initiatives, which should be an essential characteristic of any contemporary security program. DSCI Best Practices represent contemporary understanding in this field that includes evolving practices around TVM, emerging technical solutions and layered approaches towards TVM that entail strategic, tactical and operational perspectives.
The main objective of a vulnerability management process is to detect and remediate vulnerabilities in a timely fashion. Many organizations do not frequently perform vulnerability scans in their environment. They perform scans on a quarterly or annual basis, which only provides a snapshot at that point in time.
The purpose of vulnerability analysis is to take what was identified in the gathering of information and test to determine the current exposure, and whether current safeguards are sufficient in terms of confidentiality, integrity or availability. It will also give an indication as to whether the proposed safeguards will be sufficient. Various tools can be used to identify specific vulnerabilities in systems:
· Nessus
· SAINT
· Whisker
· Sara