Authentication and Authorization Methodologies Presentation
Running head: SECURITY VULNERABILITY REPORT 1
A Security Vulnerability Report
Student’s Name
Institutional Affiliation
Instructor’s Name
Date
SECURITY VULNERABILITY REPORT 2
A security vulnerability report
The security of the organization’s IT infrastructure is very critical in ensuring the safety of the
information of the organization. From the internal review conducted on the organization’s IT
infrastructure, it is noticeable that several vulnerabilities exist which can be exploited by the
attackers. The vulnerability severity for the IT infrastructure of the organization is high and thus
important to have the countermeasures in place to help in averting the threats on the system. The
privacy and public reputation is very important in this era and thus ensuring the integrity of the IT
system of an organization requires the implementation of techniques that will minimize the impact
of the probable attacks. The vulnerabilities and the countermeasures are as discussed in in this
paper.
To begin with, Light’s On Dance’s(LOD) system has a high severity vulnerability which means
that the cybercriminal can compromise the system’s confidentiality, thus leading to loss of
integrity and availability of data. The use of weak passwords possess a very great danger to the
organization’s system, especially considering that weak passwords make it easy for attackers to
compromise administrative portals. In order to enhance the security of the system, LOD shall
employing multi-factor authentication. This will ensure integrity with password systems, thus
strengthening and minimizing intruders ability to gain unauthorized access to LOD’s system. With
multi-factor authentication users are forced to pass authenticity tests prior to gaining access to the
system so as to ensure only authorized persons access the system (Neves, Nunes, &
Lourenço, 2016 ).
Software configuration management lacks in the organization’s server which has a moderate
vulnerability severity. Therefore, the server may fail to maintain consistency in terms of
1
2
3
4
SECURITY VULNERABILITY REPORT 3
performance, leading to denial of services.(DOS) Self-inflicted DOS may occur within LOD’s
server, especially from overloading or increased activities. Due to increased production with the
server; Server downtime may result, which consequently affects normal performance. The
installation of software configuration management with the server will help in preventing the
server’s downtime challenges, due to the self-inflicted DOS. This will ultimately lead to Enhancing
performance of LOD’s website. Lastly, installation of software configuration management is
necessary. Software Configuration management has auto-scaling capabilities which helps in
managing the server’s traffic, thus ensuring efficiency with LOD’s server. This will also ensure
that the vulnerabilities at the server level are minimized and thus preventing the self-inflicted
threats (Boulanger, 2017).
LOD lacks an incident response plan(IRP), which possess a high vulnerability sever to the
organization. This is very risky to the organization, especially if the IT infrastructure is infiltrated
by cybercriminals. An IRP’s significance in cases of aftermath post security breach. In incidents
such as this, are indications of major issues that may corrupt LOD’s IT infrastructure. Operating
without an IRP will lead to serious implications to LOD’s, especially when dealing with an
incoming cyber security threats. Therefore, to effectively manage such occurrences, LOD’s
management should strongly consider developing a working IRP, which will ensure there is quality
monitoring. This will make the identification of incidences in an efficient and timely manner, thus
avoiding an instance of the interruption of services.
Conclusion
In conclusion, the organization has high risk vulnerabilities which need to be managed, so as to
enhance the security of LOD’s IT infrastructure. With appropriate measures it is possible to detect
5
6
7
SECURITY VULNERABILITY REPORT 4
high severity vulnerabilities and thus prevent the loss of organizational data and stoppage of
processes. Also, due to the advancement of the level of technology, the organization need to
consequently employ high level technology and techniques to counter the adversaries of the IT
infrastructure. Therefore, appropriate authentication mechanisms such as multifactor
authentication should replace single-factor authentication so as to ensure that gaining access to the
organization’s system is only by authorized persons. Also the organization’s management should
develop an Incidence Response Plan to ensure that the incidences are detected in a timely manner
and hence minimize the risks.
SECURITY VULNERABILITY REPORT 5
References
Boulanger, J. (2017). Configuration Management. Certifiable Software Applications 2, 87-96.
doi:10.1016/b978-1-78548-118-5.50007-7
Neves, P., Nunes, L., & Lourenço, A. (2016). Multi-factor Authentication for Improved
Efficiency in ECG: Based Login. Proceedings of the 3rd International Conference on
Physiological Computing Systems. doi:10.5220/0005936500670074
8
Comment Summary Page 2
1. Paper title is not considered section level one header per APA 2.05; thus, not bold 2. mostly good introduction including a brief background and preface of contents 3. Per APA 6th ed. 3.03, please use section level headers to guide your logical flow of ideas and concepts in your
papers. A good practice is to us the key elements or major points as section headings.
Section level one header Bold, Centered, & Upper-Lower case
4. good recommendation Page 3
5. Mostly good conclusion for thesis presented. Conclusion should present a recap of key points and summary of main emphasis/recommendation without repeating verbatim and exclusive of new information
6. ; the consequences of this deficiency was adequately explained 7. an appropriate recommendation was made but did not include required specificity.
Page 5 8. reference header not bold, per APA style
i. Only capitalize first word of title and subtitle per APA 6th ed. 6.29