You have just been hired as an Information Security Engineer for a videogame development company. The organization network structure is identified in the below network diagram and specifically contains:
2 – Firewalls
1 – Web / FTP server
1 – Exchange Email server
1 – Network Intrusion Detection System (NIDS)
2 – Windows 2008 Active Directory Domain Controllers (DC)
3 – File servers
1 – Wireless access point (WAP)
100 – Desktop / Laptop computers
VoIP telephone system
The CIO has seen reports of malicious activity being on the rise and has become extremely concerned with the protection of the intellectual property and highly sensitive data maintained by your organization. As one of your first tasks with the organization, the CIO requested you identify and draft a report identifying potential malicious attacks, threats, and vulnerabilities specific to your organization. Further, the CIO would like you to briefly explain each item and the potential impact it could have on the organization.
Write a four to five (4-5) page paper in which you:
Analyze and assess any potential malicious attacks and threats that may be carried out against the network.
Illustrate in writing the potential impact of all identified malicious attacks and threats to the network and the organization.
Analyze and assess all potential vulnerabilities that may exist in the documented network.
Illustrate in writing the potential impact of all identified vulnerabilities to the network and the organization.
Include at least three (3) references (no more than 2-3 years old) from material outside the textbook.
Your assignment must follow these formatting requirements:
Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; citations and references must follow APA or school-specific format. Check with your professor for any additional instructions.
Include a cover page containing the title of the assignment, the student’s name, the professor’s name, the course title, and the date. The cover page and the reference page are not included in the required assignment page length.
The specific course learning outcomes associated with this assignment are:
Explain the concepts of information systems security as applied to an IT infrastructure.
Describe the principles of risk management, common response techniques, and issues related to recovery of IT systems.
Describe how malicious attacks, threats, and vulnerabilities impact an IT infrastructure.
Explain the means attackers use to compromise systems and networks, and defenses used by organizations.
Use technology and information resources to research issues in information systems security.
Write clearly and concisely about network security topics using proper writing mechanics and technical style conventions.