Advanced Medicos Limited Security.
Added on 2022-08-31
15 Pages2386 Words14 Views
|
|
|
Running head: - ADVANCED MEDICOS LIMITED SECURITY
ADVANCED MEDICOS LIMITED SECURITY
Name of the Student
Name of the University
Author Note
ADVANCED MEDICOS LIMITED SECURITY
Name of the Student
Name of the University
Author Note
ADVANCED MEDICOS LIMITED SECURITY
1
Table of Contents
1. Task-1: Identification and Management of Asset:.................................................................2
1.1. Identification and classification:.....................................................................................2
1.1.1. Description of Assets:..............................................................................................2
1.1.2. Assigning of Unique ID:..........................................................................................3
1.1.3. Classification of Assets:...........................................................................................5
1.2. Information Security governance:...................................................................................6
1.3. Security Policies:.............................................................................................................6
2. Task-2: Vulnerability and Risk Management:.......................................................................7
2.1. Enterprise Risk Management:.........................................................................................7
2.2. Vulnerability Assessment Table (TVA Worksheet):......................................................9
2.3. Risk Management Strategy:..........................................................................................10
2.4. Risk Assessment Table:................................................................................................11
3. References:...........................................................................................................................13
1
Table of Contents
1. Task-1: Identification and Management of Asset:.................................................................2
1.1. Identification and classification:.....................................................................................2
1.1.1. Description of Assets:..............................................................................................2
1.1.2. Assigning of Unique ID:..........................................................................................3
1.1.3. Classification of Assets:...........................................................................................5
1.2. Information Security governance:...................................................................................6
1.3. Security Policies:.............................................................................................................6
2. Task-2: Vulnerability and Risk Management:.......................................................................7
2.1. Enterprise Risk Management:.........................................................................................7
2.2. Vulnerability Assessment Table (TVA Worksheet):......................................................9
2.3. Risk Management Strategy:..........................................................................................10
2.4. Risk Assessment Table:................................................................................................11
3. References:...........................................................................................................................13
ADVANCED MEDICOS LIMITED SECURITY
2
1. Task-1: Identification and Management of Asset:
1.1. Identification and classification:
1.1.1. Description of Assets:
Advanced Medicos Limited (AML) is a company within the field of healthcare that
sells medicated products. The company is an enterprise that consists of multiple assets and a
huge network over which the entire business of the company is carried out. However, it has
been identified that the network of the company has been lately facing some issues related to
security in regards to the network (Chen and Song 2016). For provisioning the company with
the required amount of security, important assets of information need to be identified. Some
of the information assets that belongs to Advanced Medicos Limited (AML) are,
i) Physical Database- the physical database exists within the country that is
primarily used for the purpose of storing all the personal information belonging to
the customers of the company.
ii) Server- these are the servers that is located at the server room of the company that
can be accessed by all the employees of the organization.
iii) ADSL router- is the one that provides internet connectivity to all the devices
connected to the network.
iv) 40 personal computers- is used by the employees to carry out the minimum work
on a daily basis.
v) 10 VoIP phones- are used by the employees to carry out communication with
clients or other offices.
vi) 2 Web server- this provides with the functionalities of web services as well as
payment procedures (Evans 2016).
2
1. Task-1: Identification and Management of Asset:
1.1. Identification and classification:
1.1.1. Description of Assets:
Advanced Medicos Limited (AML) is a company within the field of healthcare that
sells medicated products. The company is an enterprise that consists of multiple assets and a
huge network over which the entire business of the company is carried out. However, it has
been identified that the network of the company has been lately facing some issues related to
security in regards to the network (Chen and Song 2016). For provisioning the company with
the required amount of security, important assets of information need to be identified. Some
of the information assets that belongs to Advanced Medicos Limited (AML) are,
i) Physical Database- the physical database exists within the country that is
primarily used for the purpose of storing all the personal information belonging to
the customers of the company.
ii) Server- these are the servers that is located at the server room of the company that
can be accessed by all the employees of the organization.
iii) ADSL router- is the one that provides internet connectivity to all the devices
connected to the network.
iv) 40 personal computers- is used by the employees to carry out the minimum work
on a daily basis.
v) 10 VoIP phones- are used by the employees to carry out communication with
clients or other offices.
vi) 2 Web server- this provides with the functionalities of web services as well as
payment procedures (Evans 2016).
ADVANCED MEDICOS LIMITED SECURITY
3
vii) DHCP server- allows the company to keep their network working and provide the
end user devices with IP address allocation.
viii) Cisco Catalyst Switch- allows to control the network and the amount of internet
connectivity that flows through the entire network.
ix) Backup computer- this is used for storing the backup files for future references
connected to the internal network.
x) DNS server- maintains the domain names of all the computers that are connected
to the network of the company.
1.1.2. Assigning of Unique ID:
The information assets that have been identified within the Advanced Medicos
Limited Company have been assigned with some unique numbers for the ease of their
identification. These are as follows,
Physical Database:
Location- Storage Room.
Ownership- AML.
Unique ID- SA.01 (SA- Storage Asset).
Servers
Location- Server Room.
Ownership- AML.
Unique ID- NA.01 (NA- Network Asset).
ADSL Router:
Location- Work Room.
3
vii) DHCP server- allows the company to keep their network working and provide the
end user devices with IP address allocation.
viii) Cisco Catalyst Switch- allows to control the network and the amount of internet
connectivity that flows through the entire network.
ix) Backup computer- this is used for storing the backup files for future references
connected to the internal network.
x) DNS server- maintains the domain names of all the computers that are connected
to the network of the company.
1.1.2. Assigning of Unique ID:
The information assets that have been identified within the Advanced Medicos
Limited Company have been assigned with some unique numbers for the ease of their
identification. These are as follows,
Physical Database:
Location- Storage Room.
Ownership- AML.
Unique ID- SA.01 (SA- Storage Asset).
Servers
Location- Server Room.
Ownership- AML.
Unique ID- NA.01 (NA- Network Asset).
ADSL Router:
Location- Work Room.
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents