SEC 571 Week 3 Course Project: Phase I (Part I) - Graded An A+

Document Content and Description Below

SEC 571 Week 3 Course Project: Phase I (Part I) Table of contents Table of Contents Executive Summary 3 Company Overview 4 Security Vulnerabilities 4 ... Hardware vulnerabilities 4 Policy vulnerabilities 5 References 7 Executive Summary This report emphasizes potential security vulnerabilities that Quality Web Design might face in different areas of its organization. The report will be divided in two different phases, where phase I, will identify different vulnerabilities associated with software and policies weaknesses and create a detail assessment showing possible their vulnerabilities with their consequences. Phase II will have the recommended solutions to any potential weaknesses that Quality Web Design might face when providing the justification for those solutions. I Company overview Quality Web Design (QWD) is a great specialize organization in website and web content designs for any kind any business. The company (QWD) has the incredible mission to deliver top quality web designs that will help to establish and increase businesses by growing costumers due to their quality web designs. The company is a proud proprietary of over 250,000 images and graphical designs; these images and graphical designs will boost the appeal of any website. II Security Vulnerabilities There are vulnerabilities in every company and Quality Web Design won’t be the exception. To be able to find them we have to inspect the entire company to identify, classify and then later prioritize the vulnerabilities in the computer system. Security vulnerabilities can be associated with assets or policies where they can be threat against it. II.I Hardware Vulnerabilities Hardware vulnerabilities are weaknesses find in a computer system. These attacks can be on the physical hardware or through remote access directed to the hardware. Quality Web Service have quite of few vulnerabilities where its hardware can be attacked, some of the ways where the hardware has vulnerabilities it is, when users can install new software, when they transfer files from flash drive to the computer, when they use the optical drive such as CD/DVD ROMs to install new programs and also the interfaces o the board where different drives get connected. Quality Web Service also have different vulnerabilities such as the access to the building from different people, in this case it could end in a great damage to the physical network, that’s why it is very important to guard the network equipment against this kind of vulnerabilities, and create a designated room to place all the equipment that only people who needs to have access to that room should be able do so. Another different hardware vulnerability might be an unanticipated flaw in operation, where attackers get control of the system, these vulnerabilities sometimes could be done remotely. Many of the hardware vulnerabilities sometimes are coming from software based and include old systems because some of these old systems features such Firmware Interface Secure Boot, a self-healing basic input/output system (BIOS), preboot authentication, self-encrypting drives are not built-in security which it is known that they cannot prevent 100% the system, but they at least improve somehow the security of the systems. Some other commo vulnerabilities specially for the internet routers are access control such as authentication tokens, network appliances, industrial control systems, surveillance systems and components of communication infrastructure where malicious individuals could alter components in the system to damage the routers or any other equipment. II.II Policy vulnerabilities Here is where is the most dangerous problem for Quality Web Design, because a lot of employees will depend in accessing the system from the company and from a remote places and due to that fact, individuals might find the way to try to hack the system to get access to the restrict area where they have the most critical information about the customers and about the companies most precious secrets. Quality Web Design will have to create very tight access control policies to make sure no one undesired get access to the main system and therefore here are some of the vulnerabilities where Quality Web design will have to work to make sure it does not get hit by any individual. Policies vulnerabilities will start with the access control, because by no having a good access control vulnerability will increase, then vulnerabilities weaknesses will come from all the policies that will be created to get access to the system. Vulnerabilities will be on every access created for the users and will depend on the privileges for those users, not forgetting that any little open window will be enough for the hackers to take control of the system. Another vulnerability could be the patches or updates for the access control that is creating the policies. Privileges will have to be enforced to all the users by giving only necessary access to the needed share files, share printers or any software that only needed to be access for the right users because the worse vulnerabilities sometimes are not limiting employees access. One other vulnerability could be the lack of an assessment of security, because every organization needs to be able to plan any security event. References Infosec Institute (2013). Hardware attacks, backdoors and electronic component qualification. Retrieve from https://resources.infosecinstitute.com/hardware-attacks-backdoors-and- electronic-component-qualification/#gref Pfleeger, Charles P., Shari Pfleeger, Jonathan Margulies. Security in Computing, 5th Edition. Pearson Learning Solutions, 01/2018. VitalBook file. Rouse M. (2015). hardware vulnerability. Retrieve from https://whatis.techtarget.com/definition/hardware-vulnerability [Show More]

Last updated: 10 months ago

Preview 1 out of 6 pages