Identifying Potential Risk, Response, Recovery

1589 Words Feb 9th, 2014 7 Pages
Identifying Potential Risk 1
Assignment 1: Identifying Potential Risk, Response, and Recovery
CIS333

Identifying Potential Risk 2

In this paper I have just been hired as an Information Security Engineer for a video game development company. I have previously identified all of the potential Threats, Vulnerabilities and Malicious Attacks for the videogame development company. The CIO have reviewed my report and has now requested that I draft a report analyzing and assessing any potential Malicious Attacks, Vulnerabilities and Threats that may be carried out against the company’s network. I will then choose a strategy for dealing with risk, such as mitigation, assignment, risk and
…show more content…
Only allow browsing on sites that are known to be safe, this will be did strictly for the purpose of supporting server operation and maintenance. Another practice to keep in mind is to make sure that all of the company’s files, including the shared ones, should be ran against a virus scanning software. Identifying Potential Risk 5
This bring me to the file servers, have the potential to receive different viruses such as worms, Trojan horses and logic bombs. To allow an end user to upload files to your website, is like opening another door for a malicious user to compromise your server (acunetix.com). File uploads are permitted in social network applications. File uploads are also allowed with blogging, e-banking sites and you tube. All of these network sites allow users the opportunity to efficiently share files with corporate employees. Users are allowed to share files with corporate employees, through uploaded videos, pictures, avatars and many other types of files. The best way to prevent malicious attacks through the company’s file servers is to make sure that the file that is being uploaded is validated. This will prevent a hacker from uploading files with malicious codes that can lead to a server compromise. Another way to prevent a malicious attack on the file server is for the company to block all dangerous extensions. In cases like this, there would
Open Document