Best Practices for Network Security
• The HoneyTree was hired by another company to conduct a security audit to examine the vulnerabilities of its information systems. To complete the security audit, it must be determined whether there are vulnerabilities in its information system. The setup and the overall security of the network area will be tested. The company is a five-building campus. All five buildings, inside and outside, will be tested. The perimeter of the campus will also be tested to make sure that no internet service is available outside the campus. In order to complete the audit, a list of all users, databases, and passwords will be needed. Access to the grounds to observe who has access to what will also be crucial. Going in and out of buildings and into rooms will help identify which rooms have computers and who has access to them. Access to servers and the central hub will also be needed to test the security.
• The procedure that will take place during the audit will be thorough. All five buildings will be tested, inside and outside. The audit will test for user authentication, firewalls, penetration, eavesdropping, human error, surveillance, user access and Wi-Fi access. It will also inspect the security of the central hub with connected servers. There are five buildings on campus, all connected to a campus area network. Each individual building has its own Wi-Fi LAN. None of the five buildings allow internet service outside the campus. The buildings connect to one another by a central hub. This central hub has a blade database server, an internet/email server, a backup server and a router. During the testing period, audits will be conducted both outside and inside the campus. The architecture of the network needs to be tested, making sure that network ...
... middle of paper ...
...sonal. A system of keys, maybe even biometric identification, and cameras should also be monitoring the servers to make sure it is difficult to gain direct access to them. Outside the buildings, there should be security cameras monitoring all the people walking outside and entering the buildings. If something were to occur, you could use the surveillance of the cameras to possibly identify any suspects. In order to use the surveillance at night, the campus should be well lit. A follow-up will be conducted in four months to see how the security of the campus is doing. The suggestions that were given should be in place or being worked on to secure the network. The follow-up will also make sure there are no new threats to security. This will show that the audit was taken seriously and security measures are being put into place in order to secure the network.
Don’t hesitate to bring in experts to make sure your network is configured properly. Correct assessment; however, the lesson doesn’t factor in when to bring in an expert. Despite an over-reliance on technology, there needs to be a timeframe for this expert and how their analysis will support overall technological requirements.
In this case, a large health services organization (HSO) in Florida that has a world-renowned AIDS treatment center had an information breach of 4,000 HIV+ patient records, and the list was sent to newspapers, magazines, and the internet. Consequently, this issue was featured in every media vehicle in the world and, as CEO, you are requested by the board of trustees to come up with a better management information system (MIS) to resolve all information security issues or you will face termination. After hiring an undercover computer security consultant to help determine where the security leak came from, she quickly identifies numerous breaches in computer security and provides a report with the issues identified. The report furnished by the consultant revealed that the facility had major problems with the MIS and the staff. In order to determine how to address the issues, the CEO must first answer the following questions: what law is being violated by the employees, why was this law enacted, what are the penalties for such violations, what are the penalties for sharing celebrity information, and should he be updating his resume and looking for another job (Buchbinder, 378).
To help resolve the issue, it is highly critical to implement a trace route to see if all networks are intact and no network has been compromised. The next step would be to install anti-malware and anti-spyware as well as firewalls to help protect against the attacks. Other steps that could be implemented to protect against the attack would be to implement strong and lengthy passwords, and even to consider encrypting the passwords, since it correlates to sensitive data. Another safe practice that can be looked into is to have security access control measures where students and faculty have inside exposure of the website, or in other words are able to read/write, and outsiders just have limited input.
The HBWC business objectives should be included in the Information Security Management System (ISMS), as this document will represent the organization's approach in designing, implementing, and auditing the company's information system security objectives. In order for the ISMS to be applicable and appropriate to the organization, an examination of the business objectives of the company is required. This step is necessary to understand the needs of the organization when designing these objectives.
Evaluate the Specifications of Information Security Consultants (vendors) to Become a Strategic Partner Assisting in the Reduction of Information or Security Risks
The first odd network behavior reported by the network engineers and the system administrators was an analysis showing that a single host on the network is opening hundreds of SSH sessions to every single other host on the Aim Higher College’s network every minute. This attacker or hacker is flooding the network with the SSH sessions to bring the web servers down to get some classified information. The second odd behavior reported was that hundreds of hosts are constantly sending SYN packets only to one of the web servers on the Aim Higher College’s campus. Furthermore, this attacker is trying to flood one of the web servers just by
Security helps the organization meet its business objectives or mission by protecting its physical and financial resources, reputation, legal position, employees, and other tangible and intangible assets through the selection and application of appropriate safeguards. Businesses should establish roles and responsibilities of all personnel and staff members. However, a Chief Information Officer should be appointed to direct an organization’s day-to-day management of information assets. Supporting roles are performed by the service providers and include systems operations, whose personnel design and operate the computer systems. Each team member must be held accountable for ensuring all of the rules and policies are being followed, as well as understanding their roles, responsibilities and functions. Organizations' information processing systems are vulnerable to many threats that can inflict various types of damage that can result in significant losses (Harris, 2014). Losses can come from actions by trusted employees who defraud the system, outside hackers, or careless data entry. The major threat to information protection is the errors and omissions that data entry personnel, users, system operators and programmers make. To better protect business information resources, organizations should conduct a risk analysis to see what
According to the article authored by Mark Rupert, what are the seven best practices in the roles and responsibilities of an internal audit function?
Implement physical security: - “Physical security protects people, data, equipment, systems, facilities and company assets” (Harris,
ABSTRACT: This paper describes the basic threats to network security and the basic issues of interest in designing a secure network. It describes the important aspects of network security. A secure network is one which is free of unauthorized entries and hackers. INTRODUCTION
Issues that will fall under this umbrella will be management accountability, fiscal liability, internal and external audits and protection of stockholder and stakeholder interests” (Fisher, 2004). An area of concern for both customers and vendors will be how well the organization can protect the information system that houses secured information such as a customer’s financial institution, bank routing numbers and account numbers. The same will apply to a vendor’s need of protection. If an organization's electronic accounting database were to be hacked into and the information were to fall into the wrong hands, a company could be destroyed financially. An organization’s performance review also plays a vital role in the homeland security assessment. In conducting a review on this level I will obtain information as to “how the senior leaders translate organizational performance review findings into priorities for continuous and breakthrough improvement of key business results and into opportunities for innovation” (Fisher,
For this I have constructed a table to show aims that I need to meet
The major characteristics of the traditional audit are that all the information auditors need is on paper, calculations are done with manual calculators, and there is no advanced communication technology. In the paper era, auditors were usually limited by location. When several people are working on the same auditing project for a client with offices in cities across the country, or even worldwide, it takes a lot of time for those auditors to get the information they need from the client, and there is even a risk that paper information will disappear for many reasons. On the other hand, mailing paper information increases the auditing cost. Mistakes caused by manual calculators are inevitable, no matter how hard auditors concentrate on recalculating; after all, auditors are human. Global business has become a major part of the modern business world. For example, several auditors in different locations may be working on the same auditing project, or auditors may be in a different city or even country from the client; when there is an issue among these auditors or between auditors and client, they can only communicate with each other by phone or get together for a meeting. A phone call cannot ensure that the information is being viewed at the same time the issue is being discussed, while holding a meeting takes time and money to bring everyone together, which increases the auditing cost.
The first thing that we must consider about Information Security is that there is not a final destination at which we can arrive. IT Security is an ongoing set of processes and activities that requires attention and expertise on a daily basis. It is important to understand that systems are not secured by themselves and it is our responsibility to maintain and improve them periodically as required. It is of vital importance to establish the appropriate mechanisms and requirements in order to support the company’s CIA triad. The following report will provide you guidance about auditing and hardening techniques applied through the 7 Domains by utilizing IT Security Best Practices.
The evolution of auditing is a complicated history that has always been changing through historical events. Auditing always changed to meet the needs of the business environment of that day. Auditing has been around since the beginning of human civilization, focusing mainly, at first, on finding fraud. As the United States grew, the business world grew, and auditing began to play more important roles. In the late 1800’s and early 1900’s, people began to invest money into large corporations. The Stock Market crash of 1929 and various scandals made auditors realize that their roles in society were very important. Scandals and stock market crashes made auditors aware of deficiencies in auditing, and the auditing community was always quick to fix those deficiencies. The auditors’ job became more difficult as the accounting principles changed, and became easier with the use of internal controls. These controls introduced the need for testing, not an in-depth detailed audit. Auditing jobs would have to change to meet the changing business world. The invention of computers impacted the auditors’ world by making their job at times easier and at times more difficult. Finally, the auditors’ job of certifying and testing companies’ financial statements is the backbone of the business world.