Identifying Risks, Response, and Recovery

1443 Words6 Pages
Running Head: IDENTIFYING RISKS, RESPONSE, AND RECOVERY 1

Identifying Risks, Response, and Recovery
Amy E. Moody
Strayer University
CIS333
Professor Williams

IDENTIFYING RISKS, RESPONSE AND RECOVERY 2
Identifying Risks, Response and Recovery I previously identified several types of attacks, threats and vulnerabilities that exist with your multilayered network. I have now been charged with the responsibility of developing a strategy to deal with these risks as well as a plan to mitigate each risk to reduce the impact that each will have on your organization. Your firewall, which is your first line of defense, is susceptible to two common types of attacks. First there are attacks against the firewall
…show more content…
Preventive measures include the creation of a DMZ within this server, you will develop a buffer zone where traffic from both sides is let in, but not able to penetrate the network itself without the proper permissions.

IDENTIFYING RISKS, RESPONSE AND RECOVERY 4
The most common type of attack on your email server is the DoS attack. Because so many different types of devices connect to and utilize the email server, security in this area is very difficult to attain. DoS attacks are also common on Active Directory Domain controllers. In the case of these DoS attacks risk acceptance is necessary and you must mitigate these risks and vulnerabilities to minimize damage. You can ensure that your antivirus protection is up-to-date as well as requiring that employees do not stay logged into their email. You can also adjust the time out length to ensure that idle computers are automatically logged off the server if they lay dormant for too long. These can all help prevent unnoticed attacks from occurring.
The sharing of files which are located on your server pose a unique threat. I think this is more of an internal than external threat. You have to be careful who you give the ability to access and change files to. Internal controls to mitigate this risk include the creation and management of an Access Control Matrix. That way you can assign access and usage rights only to those who require access to the files.
Get Access