Private Investigators LLC
Controls and Countermeasures
Private Investigators Limited Liability Company (LLC) has a small office with one server and six workstations. This LLC partnership hosts its own website that allows clients to log in and enter case information. An evaluation of the network and security configuration to determine threats and weaknesses in the existing system has been completed. The top five associated threats for the Server, Workstations, and Website are outlined below. The following memo discusses the likelihood of each threat's occurrence and the recommended security controls and countermeasures that should be used to mitigate these threats.
Illustrated below are network drawings of the current…
… Shutting down unused ports or protocols that may allow attackers back-door sessions or alternate data streams to existing devices. These connections can be used to modify or steal data stored or accessed by the local devices.
5. Password Management: Authentication processes to prevent unauthorized users from accessing computers, applications, and network devices. Attackers will exploit weak or default passwords to gain access to launch attacks on additional equipment on the network.
A3.
1. Input Validation: Web Servers are susceptible to buffer overflow attacks, cross-site scripting, SQL injection, and canonicalization. An attacker uses programming techniques to cause Website application lock-up, data corruption, and security vulnerabilities.
2. Authentication: Threats such as network eavesdropping, brute force attack, dictionary attack, cookie replay, and credential theft are used to exploit passwords and authentication techniques that protect the Website. If an attacker can break weak or default passwords of the system or applications that reside on the physical webserver, they have control of, or “own,” the site.
3. Authorization: Elevation of privilege, disclosure of confidential data, data tampering, and luring attacks are possible if controls are not in place to prevent them. This would allow attackers to gain control of the system, steal data, and load malware to further exploit other network devices.