Premium Essay

Risk, Threats, and Vulnerabilties

In: Computers and Technology

Submitted By thisthing18
Words 665
Pages 3
Purpose
This project provides you an opportunity to analyze risks, threats, and vulnerabilities and apply countermeasures in the information systems environment.

Required Source Information and Tools

To complete the project, you will need the following: 1. Access to the Internet to perform research for the project * Microsoft Windows How-To, including: * Optimize Windows for Better Performance: http://windows.microsoft.com/en-us/windows/optimize-windows-better-performance - optimize-windows-better-performance=windows-7 * http://windows.microsoft.com/en-us/windows-8/improve-performance-optimizing-hard-drive 8.1 * http://www.makeuseof.com/tag/7-quick-tips-hacks-optimize-windows-10-experience/ win 10 * Monitor Attempts to Access and Change Settings On Your Computer / To Turn On Auditing: http://windows.microsoft.com/en-us/windows7/monitor-attempts-to-access-and-change-settings-on-your-computer * What Information Appears in Event Logs? http://windows.microsoft.com/en-us/windows/what-information-event-logs-event-viewer - 1TC=windows-7 2. Course textbook

Learning Objectives and Outcomes
You will: * Explain how to assess risks, threats, and vulnerabilities * Evaluate potential outcomes of a malware attack and exposure of confidential information * Evaluate information systems security countermeasures * Explain how system hardening relates to a company’s IT security policy framework * Analyze the purposes of system hardening * Analyze security events * Evaluate information systems security activities in terms of business contributions

Introduction
Contemporary organizations collect, store, and transmit a tremendous amount of highly sensitive data. Despite the many benefits that information technology offers, these systems are not completely secure. Proper…...

Similar Documents

Premium Essay

The Threat Within

...The threat within A study on insider threat by DSCI in collaboration with PwC About Data Security Council of India (DSCI) Data Security Council of India (DSCI) is a focal body on data protection in India, setup as an independent Self-Regulatory Organisation (SRO) by NASSCOM®, to promote data protection, develop security and privacy best practices & standards and encourage the Indian industries to implement the same. DSCI is engaged with the Indian IT/BPO industry, their clients worldwide, Banking and Telecom sectors, industry associations, Data Protection Authorities and other Government agencies in different countries. It conducts industry wide surveys and publishes reports, organizes data protection awareness seminars, workshops, projects, interactions and other necessary initiatives for outreach and public advocacy. DSCI is focused on capacity building of Law Enforcement Agencies for combating cyber crimes in the country and towards this, it operates several Cyber labs across India to train police officers, prosecutors and judicial officers in cyber forensics. Public Advocacy, Thought Leadership, Awareness and Outreach and Capacity Building are the key words to continue to promote and enhance trust in India as a secure global sourcing hub, and also to promote data protection in the country. For more information about DSCI or this report, please contact: Data Security Council of India Niryat Bhawan, 3rd Floor Rao Tula Ram Marg New Delhi –......

Words: 7525 - Pages: 31

Free Essay

Threat and Risk Assesment

...Associate Level Material Appendix B Security Assessment Directions: Choose one of the Facts for Consideration sections from Ch. 3 of the text and list the page number for the section you chose. Then, complete the following table. List five threats appropriate to the environment from the section you chose. Rate the risk for each threat from 0 (low) to 10 (high). Then, list five appropriate countermeasures. Once you complete the table, write a brief explanation of the countermeasures for the two threats with the highest risk total, stating how the countermeasure reduces the risk associated with that threat. This assessment is based on the Facts for Consideration on page _92_ | | | | |THREAT |RISK |COUNTERMEASURE | | |Probability |Criticality |Total | | |Example: | | | | | |Physical assault |9 |4 |13 |Highly visible officer presence | |Taking over the Bus |5 |10 |15 |Have at least 3 guards on......

Words: 264 - Pages: 2

Premium Essay

Threats and Risks Assessment

...Threats and Risks Assessment The determination of natural, man-made, and technological risks is the responsibility of security management and security personnel. Threats and risks are vital to determine to lessen the damages caused to assets within the organization. Retail organizations have many assets that are needed to be protected from threats and risks in order to maintain quality customer service. The threats and risks can either be caused from the inside threats or outside threats. The most common risks that are present in retail organizations are fires, internal and external thefts, and burglaries. Threats and vulnerabilities are managed and determined by security officials on a daily basis to ensure proper protocols are being upheld when risks present themselves. Retail Threat and Risk Assessment The determination of threats and risks that affect all organizations, not just specific organizations, must first be made by using a threat and vulnerability assessment and risk analysis. “The first step in a risk management program is a threat assessment. A threat assessment considers the full spectrum of threats for any given facility/location. The assessment should examine supporting information to evaluate the likelihood of occurrence for each threat” (National Institute of Building Sciences, 2012). The threats and vulnerabilities within the organization are discovered and then a risk analysis is used to determine which risks are most likely to be present......

Words: 1136 - Pages: 5

Free Essay

Threats and Risks Associated with a Small Business Network

...Possible threats with a small business network Vernon Hellbusch Coleman University   We will be looking into threats and risks that can invade a small business network. The security of a small business network may be jeopardized in many ways. One of the many ways might be through your e-mail, or it could be someone sabotaging internally. Another way could be the use of hardware, such an external hard drive, thumb drive etc. Even as simple as a cell phone could interrupt the security of your network. We will be taking a look at ways to secure a business network from the cybercriminals that our out there trying to disrupt the security of the network systems. 1. We can do a risk assessment 2. We can educate the users 3. We can use packet filtering on the router 4. We can use antivirus software at the gateway and on the desktops Harden your systems by getting rid of useless applications These are just a few ways on getting started on securing your network. We can start looking at different software options that will help in securing your network. Let’s take a look at what’s out there for free, you have Microsoft securities that you can download for Free. You have AVG is another that is free, you have Malware Bytes also as well. These are just a few downloads that are free that work if you’re on a tight budget and just getting started. Also when using products like these, you want to make sure you keep track of your daily updates to make sure......

Words: 582 - Pages: 3

Premium Essay

Threats and Risks Assessment

...Threats and Risks Assessment Joshua Watts SEC 400 September 15, 2013 Bill Hale Threats and Risks Assessment Risk is defined as any situation that involves the exposure of or to danger. Threat is defined as an intention or statement to cause damage or hostile action against someone or something for retribution. When security managers don't manage risk properly they are vulnerable to threats. This can be any situation possible will involve some risk and leave someone or something vulnerable to threats, there is no way to eliminate risk completely but there are ways to manage risk and reduce the vulnerabilities and thus reducing the threats. This is one of if not the most crucial part of being a security manager. You will need to constantly do risk and threat assessment of the property or assets you’re in charge of protecting this includes both from seen and un-seen hazards. This is an example of a risk and threat assessment of a local business that I am employed at, had I been a security manager this is what threats and vulnerabilities I found and assessment of how to reduce them. Floor Plan - The floor plan is a 1000 sq. ft. building with a main entrance area and waiting area also housing the bathroom. There’s a middle area with an oven and counters to make pizzas, with a 10 sq. ft. office in the rear corner of the middle area. There is also a rear stock area with a walk in freezer. There are two main doors......

Words: 1098 - Pages: 5

Free Essay

Security Threats

...Security Threats Vulnerability can be defined as “a security exposure that results from a product weakness that the product developer did not intend to introduce and should fix once it is discovered” (Microsoft TechNet, 2014). There are possibility that the two databases could have vulnerabilities such as a weakness in the technology, configuration or security policies. The vulnerabilities can lead to potential risks in the personnel records systems. Security risks can be described as actions that could cause loss or damage to computer hardware, software, data or information. Potential security risks to milPDS and Remedy are computer viruses, unauthorized access of systems, personal information theft, personally identifiable information (PII) being compromised or violated, and system failure. These vulnerabilities and security risks can result in serious issue to the center. As a center that has a main purpose of managing personal records, any compromise, whether it is information stolen or a database system losing information can be disastrous for many different reasons. After threats and vulnerabilities have been identified, an assessment should be processed to figure out how the threat and vulnerability affected the system(s). This will assist in determining what measures are needed to ensure the vulnerability is handled. There are policies, Air Force Instructions and procedures in place if threats and vulnerabilities have been detected. The Commander......

Words: 474 - Pages: 2

Premium Essay

Threats

...Threats of new entrants The threats of new entrants could recognized low due to several fact: The size of economies of scale and its main competitors,are very large. They have strong market power and capital to maintain their value. For the company, it has more than million servers located around the world to provide searching services to customers and obtain information from customers. Therefore, they understand the customer’s habits. Its main competitors are also not lag behind to improving their searching engines servers. It have high brand loyalty of users and it is famous that one of the strongest brand recognitions in the world. However, the switching cost is low. For users, other search engines were literally one click away. The barrier of entry is high so that if a new entrant would like to earner internet industry and would get successfully, it needs to have Sufficient of capital and technology that provide a better searching engine, and also must overcome the brand loyalty. Threats of exiting rivalry The threats of exiting rivalry have two parts, searching engines and advertising. For searching engines, the threats of exiting rivalry are low. The company have obviously competitive advantage. Its searching engines provide the best searching result and the fastest searching speed in the industry. But the good performance of searching engines is in order to acquire more advertisement that place at its website. It is not a only way for advertiser to place......

Words: 495 - Pages: 2

Premium Essay

Eight Threats

...8 Threats to Portfolio Performance The last decade has been a challenge for many investors, especially those investing for the long term and retirement. Given declines in global stock markets, many investors have seen little to no real growth in their portfolios over this period. For example, $10,000 invested in the S&P 500 Market Index in 2000, was worth just $10,456 at the end of 2010. And this does not take into account inflation, investment fees and taxes.1 This White Paper explains why investors’ portfolios may underperform in both bear and bull markets and incur substantial costs in the process. It also details the impact this chronic underperformance can have on achieving long-term financial goals. Threat 1: The Expenses of Active Management Most us would like to beat the market, but as we’ll explore in this whitepaper, even many professional money managers have had a hard time performing better than the market. To understand why, it is helpful to begin with some definitions. Active investors (and active money managers) attempt to out- perform stock market rates of return by actively trading individual stocks and/or engaging in market timing — deciding when to be in and out of the market. Those investors who simply purchase “the market” through index or asset class mutual funds are called passive or “market” investors. Active mutual fund managers are typically compared to a benchmark index. For example, large cap mutual funds are often compared to the...

Words: 3636 - Pages: 15

Free Essay

Threats and Risks Assessment Week 1 Sec 400

...Threats and Risks Assessment Class: SEC 400 Instructor: Steven Shelton By: Kyle Robbins Date: 8/24/15 When you are in charge of security for a place such as Under Armour there are many different factors you must consider things such as Internal theft, external theft, damaged merchandise being shipped in, robbery of merchandise, robbery of tills and safe, terrorist bomb threat, hostage situation, relationships between coworkers, sexual harassment, tornado, and floods. In this paper we will talk about some of these along with what loss would come with this happening. The Under Armour factory outlet store in Commerce GA is located in the Tanager outlet shopping center. The store itself continues to grow each year with customers and stronger merchandise made from Under Armour. Currently the store makes around 3.4 million dollars a year and is projected to only grow more and more. This is one of the many different factory and brand-house stores that Under Armour has all across America. In order to keep this store profitable I have developed this threat risk assessment that is attached both with and within this paper. The threats are broke down from the most possible and damaging to the company to the least likely to affect the company. The list is as follow, * The Risk Threat rank Criticality Total * External theft 9 ...

Words: 1079 - Pages: 5

Free Essay

Threat and Risk Assesment

...Below is my quantitative data findings on the threats and vulnerabilities our qualitative research founded in our look into your company. First we will provide some recent attacks that have happened to other companies. Second we will let you know how likely the attack is to occur at your company. Third we will provide you the real number data to support the idea if you should spend money or not on improving your protection from this type of attack. Spoofing: In 2006 banks were targeted by attackers with a spoofing attack. An article written by McMillan (2006) stated that the attackers were able to hack into the banks' ISP servers and redirect traffic from the legitimate banks' websites to a bogus server. The attackers were able to affect about 20 customers by being able to get them to enter in PINs and other personal information (para. 2). There is an article by Zetter (2012) in which a mathematician noticed that several technology companies and other types of companies used a weak DomainKeys Identified Mail (DKIM) that he was able to break and then use to pretend to be high up personnel in that company. In our report we noted you had in-house servers and the firewalls seem properly configured for outside attacks. In 2014, AOL had its mail service attacked, and the attackers used the email address book to send spam to everyone in the address book as the owner of the email. Spoofing is still a viable attack and even with properly configured network and validation methods......

Words: 2034 - Pages: 9

Free Essay

How Should Singapore and Other Smart Cities Deal with the Increasing Risk of Cyber Threats?

...How should Singapore and other smart cities deal with the increasing risk of cyber threats? Fifty years after its establishment, Singapore is a smart city-state success story at the forefront of a third industrial revolution. Today, the Internet of Things (IoT) increasingly interconnects Singapore’s cyber and physical systems, sensors and smart technology into the digital fabric that links society and critical infrastructures such as transportation, health, finance and defense. Infrastructure investment is expected to grow by 50% to about $30 billion by the end of the decade. But as Singapore and other smart cities become increasingly connected to cyberspace, so too does their risk of cyber threats. For the next 50 years to be as prosperous as the last, Singapore and other smart cities and nations need to develop a cyber-smart workforce, technology, policies and new risk management solutions. Cyber Smart City: Opportunity and Challenge The Cyber Smart City Opportunity of new IoT-inspired products, services and markets could boost the gross domestic product (GDP) of the world’s 20 largest economies by $14.2 trillion in 2030, according to a recent study by Accenture. This trend can be seen in Singapore’s smart buildings, where converged information and operational technologies infrastructures, control systems and sensors integrate multiple electronic systems to support building management and business functions. Smart building technology is increasing energy......

Words: 417 - Pages: 2

Premium Essay

Vulnerabilty in Kam

...the limited number of automobile manufacturers in the world, and producers of computer components would argue that if you want Dell’s business, then you do business on Dell’s terms, robust though those terms may be. Such responses at least clarify that in many ‘‘key account’’ situations, the real issue is less partnership and more about one party dictating terms to the other, which is not the concept of ‘‘collaboration’’ normally advanced to justify KAM investments by suppliers. However, while the marketplace reality argument is well taken, it obscures an extremely important point. If it is conceded that powerful customers will ultimately exploit that power to their own advantage, then their business carries a disproportionately higher risk than that of less powerful, less dominant customers, and it is less attractive as a result. If it is inevitable that major customers will demand more concessions and pay less, then it is likely they will also be substantially less profitable than other customers. There is little consistent empirical evidence in the public domain regarding key account profitability, but for a review, see (McDonald et al., 2003). Generally, it appears that over time the source of profitability for manufacturers in particular has changed. While at one time profits were generally proportional to the size of an account because prices were cost-based, sales costs were relatively low, and the relative account size did not vary enormously, the modern situation is......

Words: 8678 - Pages: 35

Premium Essay

Ethical Risks and Threats in the Accounting Profession

...Ethical risks and threats in the accounting profession Accounting ethics is primarily the study of moral values and judgments as they apply to accountancy. Accounting ethics were first introduced by Luca Pacioli in 1494 in his book “Summa de arithmetica, geometria, proportioni, et proportinalita”, and later expanded by government bodies, professional organizations and independent companies (Humphrey 2005). Throughout 2001 and 2002, the financial scandals in in the USA and some other countries, such as Australia, dramatically demonstrated how the efficiency of financial markets is based on assumptions of trust and ethical behavior of corporate managers (McPhail 2001). The collapse of companies such as Enron, WorldCom and Global Crossing in the USA, HIH Insurance and OneTel in Australia, and Parmalat in Italy, has led to a loss of confidence by the investing public in the system of financial reporting and accountability. The globalization and diversification of accounting services, combined with market competition and high profile corporate collapses has drawn attention to the accounting profession and its perceived ethical standards. (Cooper 2007) Ethical values provide the foundation on which a civilized society exists. Without the foundation, civilization collapses. On a personal level, the answer to the question of the highest aspiration might be wealth, fame, knowledge, popularity, or integrity. But if integrity is secondary to any of the alternatives, it will be......

Words: 2284 - Pages: 10

Premium Essay

Threat Assessment

...Threat Assessment Robert Nassar SEC 440 February 20, 2012 Threat Assessment When conducting an assessment to a company’s information or (computer) security system, the person or personnel must determine all possible risks that may threaten a company’s security. Risk as defined by OHSAS (Occupational Health & Safety Advisory Services) is the product of the probability of a hazard resulting in an adverse event, times the severity of the event the possibility of losing something. With this being said an assessment needs to include the possibility of loss, and how to minimize the risk of loss or the manageable way to contain all possible risks. To determine what types of risks a company maybe associated with is an on going process since in the cyber world new viruses, worms and thousands of different types of spyware are created everyday, the system must be monitored daily. Vulnerability is the potential point of attack, such as a computer without a password to access the system, which makes the system vulnerable to unauthorized access to the system. If a password was installed to the system it can reduce the risk of unauthorized access. While conducting an assessment one can understand the vulnerabilities and the difficulty of exploiting vulnerability, with a result in containment and deterrence of such a threat, with priority of such threats as a guideline. Depending of the level of threat, the vulnerability of access to a company’s information can be analyzed from......

Words: 1457 - Pages: 6

Premium Essay

Threats

...20 THREATS 1 Since this is a pioneering, people might find it unusual to use a toothpaste in a chewable form. 2 Another challenge would be convincing the traditional toothbrush users to buy the product. 3 The biggest competitor would be the chewing gum companies. 4 There is a high potential that consumers will not use this product as a substitute product for toothpaste. 5 Possibility of slow market growth. 6 Possibility of product being a “fad” in the market. 7 The challenge of being universally accepted in the marketplace. 8 Once it enters the market, it can be easily duplicated. 9 There could be a low customer demand. 10 It would be difficult to penetrate the competitive market. 11 Doctors may still recommend toothpaste as the number one solution for oral treatment. 12 The need to have the positioning of product in the minds of the consumers would be hard to achieve. 13 Mouthwash companies can also be seen as one of the competitors. 14 Customers might not find the same satisfaction they get from tooth brushing. 15 The changing needs of the consumers are inevitable. 16 As a developing company, it requires a huge amount of effort to market the product. 17 The increasing number of counterfeits. 18 There could be a seldom buying in this product since people are used to brushing teeth. 19 Consumers especially generation X may perceived that it may cause cavity because of being a gum type. 20 It may be difficult for the company to achieve its desired...

Words: 267 - Pages: 2