CIS502 Week 10 Technical Term Papaer

887 WordsMay 18, 20144 Pages
Risk Assessment Louis F DeWeaver III Strayer University CIS502 Week 10 Technical Paper: Risk Assessment Instructor: Dr. Alaba Oluyomi March 12, 2014 Introduction The network diagram of Global Finance, Inc. (GFI) depicts the layout of the company’s mission critical systems. The company has two servers (Email and the Oracle database) which are used more than any of their other systems. GFI heavily depend on their network to be stable because of their financial systems that are running and any outage would negatively affect their operations and financial situation. Like all other business, customer satisfaction and the security of GFI’s network is crucial. In order to ensure their network and data is secure,…show more content…
The trusted computing base (TCB) internal network in the Global Finance, Inc. Network Diagram hosts the company’s mission critical systems without which the company’s operations and financial situation would suffer. The Oracle database and email systems are among the most intensively used application servers in the company. As we know, GFI cannot afford system outages because its cash flow and financial systems heavily depend on the network stability. GFI has experienced DOS network attacks twice this year and its Oracle database and email servers had been down for a week. The recovery process required GFI to use $25,000 to restore its operations back to normal. GFI estimated the loss from these network attacks at more than $100,000 including lost customer confidence. Employees Those who take care of all regular (non-security related) business needs of GIAC Enterprises. • Access to the corporate network • Access to the data network indirectly • No access to the remote network • No access to the “service” network The Employees of GIF includes all inside employees EXCEPT a group of employees designated as the “Security Team” who will perform the day-to-day tasks of doing business. All management will be considered to be among this group of employees and they will not be granted different access to services. Protocol summary for the Employees: • HTTP (TCP 80) • FTP data (TCP 21) • SMTP (TCP 25) • DNS (UDP 53) The firewall

    More about CIS502 Week 10 Technical Term Papaer

      Open Document