Top Five Security Threats And Infrastructure

776 Words4 Pages
Your company recently contacted our firm to: assess its operating environment and infrastructure; analyze the threats facing AMI information systems; and aid with any security challenges to the operating environment and infrastructure. For a start, C3J will use the NIST SP 800-14: Generally Accepted Principles and Practices for Securing Information Technology Systems and NIST SP 800-53: Recommended Security Controls for Federal Information Systems standards to outline the top five threats to the server, the workstations, and the website. Following are the top identified threats against AMI information systems, the likelihood of each threat, and our recommended security controls. Following is our information security analysis report for the AMI network.

Top five security threats to the AMI server:
AMI has a simple/flat network topology design
The unpatched server
The server has no anti-malware software
A public facing web server is running on the LAN
The server accepts client data.

Top five threats to the workstations:
The operating systems and applications are not patched
The workstations have no anti-malware software
The computers have non-reputable software installed on the systems
The workstations need standard accounts for administration
The computers need a software firewall configured to protect them from unauthorized users and programs.

Top five threats to the website:
The website is vulnerable to local file inclusion attacks
The website is using unpatched
Open Document