CYBR10
mconteh1987
mohamedconteh609-IP2.pptxComputing systems
Mohamed Conteh
Cecile Jackson
CYBR609-2001A-01
Colorado Technical University
January 22, 2020
Overview
Overview of the organization’s computing environment and networks
Environmental factors are becoming a major challenge to the company’s computer systems. Companies have become vulnerable in a way that they are easily affected by malicious attacks. Information technology has grown rapidly due to the growing technology. The more technology is on the rise, the more risks are increasing. It is something that is likely to affect the organization’s computing systems in a way that it will hinder the normal functioning of the organization. It is something that needs to be dealt with in a way that it will help come up with solutions affecting most organizations. In this case, the organization is most affected as its systems are not secure. The company’s network systems has been affected for a while inflicting the organization into serious threats.
2
risks
Computer systems considered to be of high risk.
Types of threats
The computer system within the organization is likely to be affected by different threats. The threats may either be physical or non physical. The physical threats that are likely to affect the computer systems are either classified to be internal, external or human threats. The internal factor that will affect the organization include high humidity in the rooms that houses the hardware system, fire and unstable power supply. The computer systems can also be affected by earthquakes, lightning and floods. The other physical risks that are likely to affect computer systems are classified to be human risks such as intentional errors, vandalisms, disruption and theft.
3
Risks
Non-physical threats
The computer systems within the organization are also likely to be affected by non-physical threats. Non physical threats are those threats caused by third parties. One of the threats that disrupt the normal function of the organization are cyber security breaches, loss of system data, losing sensitive information, disrupting business operations that mostly rely on computers and illegal monitoring of activities taking place in the computer systems. Non physical threats are also considered to be logical threats. There are number of other threats likely to affect the organization including worms, virus, adware, phishing, key loggers, Trojans and distributed denial of service attacks.
4
vulnerability
Definition of vulnerability
Different types of vulnerabilities
How to scan the vulnerabilities
Vulnerabilities can be defined as defects within a computer system which will create room for an attack. They can also be termed as types of weaknesses which are present within a computer. It involves a number of procedures hence anything can invade the system’s information security exposing it into different threats. There are different types of vulnerabilities likely to affect the computer system. Some of the vulnerabilities include; missing data encryption, bugs, SQL injection, weak passwords, use of broken algorithms, buffer overflow and OS command injection. There are possible ways that can be used to scan the vulnerabilities. One of the ways is through regular scanning and updating the security patches.
5
Implementation
Explaining the patches
How to implement the patches
A patch can be identified as different changes directed to a computer program. It helps support data that is meant to improve the computer system and help in the process of updating the computer. Patches include fixing bugs, security vulnerabilities which are identified as bug fixes. They play a better role in improving the system functionality, performance and usability. The patches often get installed in a programmed form that is controlled by human programmers using a debugger. It will help in different program files such as computer memory and storage device. A patch management strategy will play a key role in ensuring that the company is well protected and free from vulnerabilities.
6
Effective vulnerability
Coming up with effective vulnerability management program
It is essential for organizations to consider an effective vulnerability management program. The program will aid the organization come up with better ways of preventing the vulnerabilities. The vulnerabilities may be harmful in a way that they will barer company activities from taking place. The management program will help the management determine how to come up with different ways of protecting its systems. One thing to consider is how the vulnerabilities are introduced into the system and how they can be reduced. The management program will also stipulate the best methods of introducing protective measures that will help curb the vulnerability.
7
Explaining the differences
Differentiating patches and why its best to implement.
Patches can be stated in different forms. They need to be tested from time to time to ensure that they are running well. The difference between testing and production of the networks is that testing allows one to determine whether the networks are correctly working. They help one know whether the networks have been inflicted by any kind of threats. Testing is therefore meant to help the company determine how effective their systems are.
On the other hand, production of networks is where the management comes up with networks that are free from patches. The networks that are free from vulnerabilities.
8
References
Threats and Vulnerabilities. (2015). Computer Security Handbook, II.1-II.2. doi:10.1002/9781118851678.part2
Wang, L., Yan, J., & Ma, Y. (2019). Cloud Computing in Remote Sensing. doi:10.1201/9780429488764-3
Watson, V., Lou, X., & Gao, Y. (2017). A Review of PROFIBUS Protocol Vulnerabilities - Considerations for Implementing Authentication and Authorization Controls. Proceedings of the 14th International Joint Conference on e-Business and Telecommunications. doi:10.5220/0006426504440449
