logo

Information and Systems Security

Write a paper outlining a worst-case scenario where an attacker defeats physical security controls and bypasses access controls.

6 Pages1029 Words28 Views
   

Added on  2022-12-23

About This Document

This document discusses the importance of physical security in protecting hardware, networks, software, and data from physical activities that could damage enterprise data. It explores the issues in IT infrastructure, measures for physical security control, and the need for strict authentication and configuration control. The document also emphasizes the importance of surveillance and securing unused workstations.

Information and Systems Security

Write a paper outlining a worst-case scenario where an attacker defeats physical security controls and bypasses access controls.

   Added on 2022-12-23

ShareRelated Documents
Running head: INFORMATION AND SYSTEMS SECURITY
INFORMATION AND SYSTEMS SECURITY
Name of Student
Name of University
Author Note
Information and Systems Security_1
INFORMATION AND SYSTEMS SECURITY
1
Table of Contents
Introduction................................................................................................................................1
Issues in IT infrastructure...........................................................................................................2
Measures for Physical Security Control.................................................................................3
Conclusion..................................................................................................................................4
References..................................................................................................................................5
Introduction
Physical security can be defined as the protection of hardware, networks, software and
data from physical activities that could assist in damaging the data of the enterprise. Threats
includes theft, ruination, fire, natural disasters and terrorism. Due to the increased technical
threats like cyber-espionage, malware, hacking, the physical security is overlooked. The
physical attacks on the IT security can be of two types. Gaining access control in a server
room, doing modifications in the data by accessing any pc are some of the physical attacks.
For this reason, the Organization need to have proper security for their servers and need to
have backup in case some mishandling of data occurs.
Information and Systems Security_2
INFORMATION AND SYSTEMS SECURITY
2
Issues in IT infrastructure
As an instance, New Surfing Policy of PPC got activated without the consent of the
management system of the company due to which many users faced issues such as
interruption while accessing the internet, the data of the course got crashed overnight and
those who have requested for an OS update resulted in getting poor server performance. As a
result of the breakdown of data, the personal information of many students got hampered for
which PPC had to offer each student a service for identity protection. The reason for the
whole event was unrestricted access into the backup server.
There are three categories of Physical security threats which are internal, human and
external. The internal threats can be presence of humidity in the rooms containing hardware,
unsteady power supply, etc. The external threats involve natural disasters and the human
interruption involves theft, damage or accidental errors. The attackers make an effort to
bypass the core controls by using some methods. This attempt of decoding the control
mechanisms is a criminal activity.
Generally, most of the systems maintain username and password for security but the
attackers are well aware of the methods to seize passwords. For seizing the passwords the
attackers can choose a brute force attack, in which trial and error method is used to create a
matching passwords or can choose dictionary attack, in which the attacker just needs to find
the dictionary used for encryption. The workstations that are kept on the unallocated desks
can be vulnerable to attack, as these workstations are not checked regularly hence, the
attacker can access the computer anytime.
Information and Systems Security_3

End of preview

Want to access all the pages? Upload your documents or become a member.

Related Documents
Network Design Proposal for XYZ Retails
|15
|873
|395

Organizational Information Security Risks and Policies
|21
|5652
|106

Project on Network and Information Security
|103
|21907
|91

Risk Assessment and Disaster Recovery Scenario
|5
|622
|433

What Is Business Continuity and Why Is It Important?
|10
|1590
|14

Threat Categories for Information Security: Prevention and Detection Techniques
|13
|1796
|257