Sec 280 Week 1 Case Study

WEEK 2 CASE STUDYSEC 280Gregory WatersYou are the Information Security Officer at a medium-sized company (1,500 employees). The CIO asks you to explain why you believe it is important to securethe Windows and Unix/Linux servers from known shortcomings and vulnerabilities. Explain to your CIO what you can do to make sure the network infrastructure is more secure.The first point that I will address consists of the multiple dangers that computer networks are exposed to. A majority of these are done by perpetrators that gain access to servers of Windows and Linux in order to exploit their vulnerabilities. In October 2002, the SANS institute listed Internet Information Server (IIS) as the top Windows vulnerability and Remote Procedure Call (RPC) as the chief concern on UNIX(Hurley, 2002). For this reason, the CIO should become familiar with how these vulnerabilities can be used in favor of “hackers” and their malicious codes. The use of these codes, malware in the form of viruses, worms, time bombs or any peculiar name these individuals use to give to their destructive toys, are a major concern to the protection of confidential information. Most of data on these servers is composed of Personally Identifiable Information (PII), credit, and property information. This information, collectedand compiled on servers, is very attractive to “black hat” programmers that try gain access to them. Identity theft atrocities are not limited to the software and information

Running head: PING SWEEPS AND PORT SCANS 2 Introduction This report provides information about ping sweeps and port scans. Both of these are used by unethical people to gain unauthorized access. This is an effort to provide basic information about such activities to the head of a data managing company that manages the information and telephone bills of a local area. The company has a local area network with a number of computers and a server. The data is confidential and hence, needs to be completely secure. In the absence of effective security, the company as well as its clients and customers may have to suffer huge losses. Ping Sweeps and Port Scans Harmful activities by unethical people are common these days. The networks are broken into against security using a number of techniques. Scanning the network is one of such techniques, and is mostly used first of all other techniques. Scanning of network includes the activities Ping Sweeps and Port Scans. Ping sweep sends an

0 thoughts on “Sec 280 Week 1 Case Study”

    -->

Leave a Comment

Your email address will not be published. Required fields are marked *