Top Five Security Threats And Infrastructure

776 WordsAug 14, 20164 Pages
Your company recently contacted our firm to: assess its operating environment and infrastructure; analyze the threats facing AMI information systems; and aid with any security challenges to the operating environment and infrastructure. For a start, C3J will use the NIST SP 800-14: Generally Accepted Principles and Practices for Securing Information Technology Systems and NIST SP 800-53: Recommended Security Controls for Federal Information Systems standards to outline the top five threats to the server, the workstations, and the website. Following are the top identified threats against AMI information systems, the likelihood of each threat, and our recommended security controls. Following is our information security analysis report for the AMI network. Top five security threats to the AMI server: AMI has a simple/flat network topology design The unpatched server The server has no anti-malware software A public facing web server is running on the LAN The server accepts client data. Top five threats to the workstations: The operating systems and applications are not patched The workstations have no anti-malware software The computers have non-reputable software installed on the systems The workstations need standard accounts for administration The computers need a software firewall configured to protect them from unauthorized users and programs. Top five threats to the website: The website is vulnerable to local file inclusion attacks The website is using unpatched
Open Document