Question: Defensive security involves focusing on reactive measures to breaches and includes processes such as finding system vulnerabilities, patching security flaws, and retiring software that introduces

Defensive security involves focusing on reactive measures to breaches and includes

processes such as finding system vulnerabilities, patching security flaws, and retiring software

Defensive security involves focusing on reactive measures to breaches and includes processes such as finding system vulnerabilities, patching security flaws, and retiring software that introduces excess risk into an environment. For this assignment, you will be given a networked information system with an access control matrix. You need to conduct a risk assessment by evaluating network security threats, physical media vulnerabilities and auditing system security. Scenario The Book Blazer Publishing Company just found out they may have been hacked! They have been concerned for quite some time that a competitor has been stealing book ideas from their content management system (CMS). As the city's premier security consultant, they retain you to verify whether this is true or not. You are given an architecture diagram of the CMS which consists of: 1. Web server to house the web site front-end 2. Application server to provide data processing functions 3. SQL server to house content metadata 4. File server on which content is stored 5. Firewall to protect the system 6. VPN appliance so employees can reach the CMS from the outside You are also provided the following access control matrix showing each group and what access they have to each component: After conducting a risk assessment by evaluating network security threats, physical media vulnerabilities and auditing system security, you are able to verify their worst fears! To help the CEO and CIO understand what is happening, you will need to discuss in the class detailing the types of risk discovered. INTERNET IP ADDRESSING TABLE \begin{tabular}{|llll|} \hline \multicolumn{2}{|l|}{ NAME INTERFACE } & ADDRESS & \multicolumn{2}{l|}{ DESCRIPTION } \\ \hline R1 & G0/1 & DHCP & To ISP \\ \hline R1 & G0/0.10 & 192.168.10.1/24 & To Client VLAN \\ \hline R1 & G0/0.15 & 192.168.15.1/24 & To VPN VLAN \\ \hline R1 & G0/0.20 & 172.16.20.1/24 & To Wireless VLAN \\ \hline R1 & G0/0.99 & 192.168.99.0/24 & To Server VLAN \\ \hline R1 & G0/0.256 & 10.0.10.1/24 & To Management VLAN \\ \hline R1 & G0/0.100 & 192.168.100.1/24 & \\ \hline S1 & VLAN256 & 10.0.10.2/24 & Management SSH Interface \\ \hline XPSP1 & NIC & 192.168.100.2/24 & Running specialty software \\ \hline DC01 & NIC & 192.168.99.10/24 & Domain Controller, DNS \\ \hline \end{tabular} Defensive security involves focusing on reactive measures to breaches and includes processes such as finding system vulnerabilities, patching security flaws, and retiring software that introduces excess risk into an environment. For this assignment, you will be given a networked information system with an access control matrix. You need to conduct a risk assessment by evaluating network security threats, physical media vulnerabilities and auditing system security. Scenario The Book Blazer Publishing Company just found out they may have been hacked! They have been concerned for quite some time that a competitor has been stealing book ideas from their content management system (CMS). As the city's premier security consultant, they retain you to verify whether this is true or not. You are given an architecture diagram of the CMS which consists of: 1. Web server to house the web site front-end 2. Application server to provide data processing functions 3. SQL server to house content metadata 4. File server on which content is stored 5. Firewall to protect the system 6. VPN appliance so employees can reach the CMS from the outside You are also provided the following access control matrix showing each group and what access they have to each component: After conducting a risk assessment by evaluating network security threats, physical media vulnerabilities and auditing system security, you are able to verify their worst fears! To help the CEO and CIO understand what is happening, you will need to discuss in the class detailing the types of risk discovered. INTERNET IP ADDRESSING TABLE \begin{tabular}{|llll|} \hline \multicolumn{2}{|l|}{ NAME INTERFACE } & ADDRESS & \multicolumn{2}{l|}{ DESCRIPTION } \\ \hline R1 & G0/1 & DHCP & To ISP \\ \hline R1 & G0/0.10 & 192.168.10.1/24 & To Client VLAN \\ \hline R1 & G0/0.15 & 192.168.15.1/24 & To VPN VLAN \\ \hline R1 & G0/0.20 & 172.16.20.1/24 & To Wireless VLAN \\ \hline R1 & G0/0.99 & 192.168.99.0/24 & To Server VLAN \\ \hline R1 & G0/0.256 & 10.0.10.1/24 & To Management VLAN \\ \hline R1 & G0/0.100 & 192.168.100.1/24 & \\ \hline S1 & VLAN256 & 10.0.10.2/24 & Management SSH Interface \\ \hline XPSP1 & NIC & 192.168.100.2/24 & Running specialty software \\ \hline DC01 & NIC & 192.168.99.10/24 & Domain Controller, DNS \\ \hline \end{tabular}

Step by Step Solution

There are 3 Steps involved in it

1 Expert Approved Answer

Step: 1 Unlock blur-text-image

Question Has Been Solved by an Expert!

Get step-by-step solutions from verified subject matter experts

Step: 2 Unlock

Step: 3 Unlock

Students Have Also Explored These Related Accounting Questions!

Forecasting an Income Statement ADP reports the following income statement. AUTOMATIC DATA PROCESSING INC. Statement of Consolidated Earnings For Year Ended June 30, 2019, $ millions Total revenues...

I need a 10 page paper for my MIS class. Please do not copy and paste as my school is getting stricter on plagiarism. I have attached the assignment and the sample \fData Analytic Thinking 1 Data...

Final: CPM Course Reflection Paper The Ask: You have the choice to submit your reflection in one of two formats: 1. A Written Reflection: A 3-5 page word paper. 2. A Video Reflection: An 8-13 minute...

Information Security Risk Management ITC6315 Assignment 2 Assignment For this exercise, read the provided case study about AcmeHealth, and rate the risk exposure for each finding related to the...

ISSUES IN ACCOUNTING EDUCATION Vol. 26, No. 3 2011 pp. 521-545 American Accounting Association DOI: 10.2308/iace-50031 Breach of Data at TJX: An Instructional Case Used to Study COSO and COBIT, with...

IntroductionBasic Overview of Topic:Artificial Intelligence has emerged as a disruptive technology in a variety of fields, including cybersecurity.The use of Al into cybersecurity systems aims to...

Put together 10-20 slide presentation with recorded audio that demonstrates how you would present and deliver your capstone project to your intended audience. Your presentation should be persuasive,...

Write a paper about Walgreens and their leadership. Any current leadership issues should be addressed. Anything that has changed recently for the company should be addressed as well.

Briefly explain why accounting standards related to fair value estimates make the audit of financial instruments more complex.

In a loan strip, the risk of the borrower default: is retained by the seller. Is transferred to an SPE. is transferred to the buyer. is negilgible and therefore, a non - issue.

Elizabeth Island Airways scher. Ellermalogenal airine serving the New England area, recently suffered a major cras. As a result passengers are considered to be shy choose As there comer when making...

Recruitment. With an emphasis on specialized skills and the possibilities of enhancing qualifications within the company through further training, recruitment is often first through internal sourcing...

An emphasis on Technik as both means and ends. The importance of engineering knowledge and craft skills that go into production is evidenced by the high standing of engineers in society and in...

Reward systems. Wage levels are complex and involve issues of wage fairness with principles laid down in collective wage agreements, labourmanagement agreements and individual contracts of...