logo

Risks, Threats, and Vulnerabilities in Bank IT Infrastructure

   

Added on  2023-04-22

3 Pages803 Words366 Views
Q1) The CIO would like to know the example risks for each of the seven domains of the
bank IT infrastructure (Users, Workstations, LAN, LAN to WAN, Application, WAN,
and Remote). Fill the table below.
Risks, Threats, and Vulnerabilities Primary Domain Impacted
User clicks on a link in a phishing e-mail Users Domain
Intra-office employee romance gone bad Users Domain
No anti-virus is installed on desktops Workstations Domain
LAN Server OS has a known software vulnerability Workstations Domain
Need to prevent rogue users from unauthorized LAN
switches
LAN Domain
Denial of service attack on organization e-mail
server.
LAN Domain
Hacker penetrates IT infrastructure LAN-to-WAN Domain
Communication circuit outages LAN-to-WAN Domain
Unauthorized access to the application server from the
public internet
Remote Access Domain
VPN tunneling between remote computer
ingress/egress router
Remote Access Domain
Fire destroys headquarter servers System/Application Domain
Workstation browser has software vulnerability System/Application Domain
Internet Service Provider has a major network outage WAN Domain
Unauthorized access from public internet WAN Domain
Q2) Pick four entries from Q1 and briefly explain (two sentences) the threat
vulnerability pair.
User clicks on a link in a phishing e-mail (Users domain) – clicking a link in one of these
emails may install malware, for instance, spyware on your device and may be undetectable to
an average user. Once installed the malware can be used to steal sensitive information or can
provide the scammer with remote access to your device (Peltier, 2016).
No anti-virus is installed on desktops (Workstations Domain) – if these desktops are
connected in a workstation, then having no ant-virus may provide a loophole where viruses
can affect the whole workstation domain.
Risks, Threats, and Vulnerabilities in Bank IT Infrastructure_1

End of preview

Want to access all the pages? Upload your documents or become a member.

Related Documents
Risk Assessment for Information Security and Risk Management
|7
|1064
|150

Ethical Hacking: Methodology, Tools and Penetration Testing
|17
|1703
|348

Home Network Vulnerabilities
|5
|858
|297