Answered You can hire a professional tutor to get the answer.
Hi, need to submit a 1250 words essay on the topic Case Study 4: Remote Access Attacks.It is important to analyze the network diagram and the information provided in the case study to determine vulner
Hi, need to submit a 1250 words essay on the topic Case Study 4: Remote Access Attacks.
It is important to analyze the network diagram and the information provided in the case study to determine vulnerabilities that are existent in the current system. These three categories include threats from inside the organization, from users gaining access as a third party, and public access. This company appears to be at risk from users inside gaining access to private and privileged information. As the network diagram clearly shows, there are no built-in protection between computers inside the organization to keep users with legitimate passwords from gaining access to another computer within the facility, without the other individual user knowing about it. This is commonly referred to as an attack from an inside view, and it is a major concern for this company under its current structure. With a lack of password protocol in place, individual employees and contractors have access to the network and data house inside the network. This entails being able to look up payroll record, altering personnel information, and potentially even gaining access to client payment data. All of these are serious violations of professional conduct, yet would be relatively easy actions to accomplish by an employee with even the most rudimentary knowledge of gaining user access. To minimize the risks from inside users, procedures begin with eliminating potential abusive employees before they are even hired. Because the company deals with sensitive information, it would be useful to have a background check procedure in place. Any computer related crimes on an individuals record would be a red flag that they could pose a problem given the companies weak security to this point, and their reluctance to spend much money to provide significant upgrades. In addition, passwords company-wide should be changed on a regular basis, and immediately after an employee in terminated. Many companies only eliminate the password of the terminated employee from the system, but they fail to realize that the individual may have gained access to other passwords during their tenure at the organization. As currently structured, the Quick Finance Company is also vulnerable to an attack from the outside, gaining access from the inside. This can happen in the form of a current employee giving his password to a hacker on the outside, or unknowingly bringing a virus into the facility. Again, with inadequate firewall protections put into place, this company has little hope of blocking attempts from a dedicated hacker with a proper password. Once inside the system, gaining access to any of the nearly 100 computers in the system, a hack would be able to gains access to the System 1000 mainframe, at which time all company data would be accessible. In addition, as demonstrated in Quick Finance Companies network diagram, the VPN server is continuously uploading information to the cloud, yet the company has not implemented any security measures to safeguard that attack from outside users. In essence, user view vulnerability appears to be a major issue for the company, owing to many of the factors previously stated. With inadequate password security, and a regular rotation of changing log-in protocols, any password that falls into the hand of a potential hacker could go undetected for quite some time.
