CIS 333 Final Term Paper

Technical Project Paper: Information Systems Security
Haseeb Ahmed Khan
Mark O’Connell
CIS 333 Fundamentals of Information Security
March 12, 2012

In today’s IT world, every organization has a responsibility to protect the information and sensitive data it holds. Protecting data is not only the responsibility of security and IT staff; every individual is involved in protecting the information. The risks to information security are not only digital; they involve the technology, people and processes of an organization. These threats may present problems that call for complex and expensive solutions, but doing nothing about these risks is not a solution (Georgia Institute of Technology).
As we read in the book, vulnerabilities are found in all seven domains of the network:

* User Domain:
  * Lack of awareness of security policy
  * Accidental acceptable use policy violation
  * Intentional malicious activity
  * Social engineering
* Workstation Domain:
  * Unauthorized user access
  * Malicious software introduced
  * Weaknesses in installed software
* LAN Domain
  * Unauthorized network access
  * Transmitting private data unencrypted
  * Spreading malicious software
* LAN-to-WAN Domain
  * Exposure and unauthorized access of internal resources to the public
  * Introduction of malicious software
  * Loss of productivity due to Internet access
* WAN Domain
  * Transmitting private data unencrypted
  * Malicious attacks from anonymous sources
  * Denial of Service attacks
  * Weaknesses in software
* Remote Access Domain
  * Brute-force attacks on access and private data
  * Unauthorized remote access to resources
  * Data leakage from remote access or lost storage devices
* System/Application Domain
  * Unauthorized physical or logical access to resources
  * Weaknesses in server operating system or application software
  * Data loss from errors, failures, or
