logo

Security Assessment: Risk Assessment and Security Vulnerabilities in XYZ Organisation

Security Assessment Report Template for a system

14 Pages2277 Words186 Views
   

Added on  2023-04-26

About This Document

In this assessment we will discuss about organisation  security and below are the summaries point:-

  • The report discusses the risk assessment of XYZ organisation and identifies several security vulnerabilities, threats, and gaps in its infrastructure.

  • The vulnerabilities include improper system configuration, insecure/exposed ports, poor anti-virus implementation, weak password implementation, and lack of appropriate security policies.

  • The threats to the infrastructure include spam, DDoS attacks, and web application attacks.

  • The report also evaluates the implications of these vulnerabilities and threats on SMB data protection for intellectual property.

  • Finally, appropriate business strategies for ensuring business sustainability, availability, and reliability are provided.

 

Security Assessment: Risk Assessment and Security Vulnerabilities in XYZ Organisation

Security Assessment Report Template for a system

   Added on 2023-04-26

ShareRelated Documents
Running head: SECURITY ASSESSMENT
SECURITY ASSESSMENT
Name of student
Name of university
Author’s note:
Security Assessment: Risk Assessment and Security Vulnerabilities in XYZ Organisation_1
1
SECURITY ASSESSMENT
Table of Contents
Introduction....................................................................................................................2
Discussion......................................................................................................................2
Vulnerabilities, threats, and gaps in infrastructure of XYZ organisation..................2
Implications of the security threats and vulnerabilities..............................................4
Business strategies for ensuring sustainability, reliability, and availability..............6
Conclusion......................................................................................................................7
References......................................................................................................................9
Security Assessment: Risk Assessment and Security Vulnerabilities in XYZ Organisation_2
2
SECURITY ASSESSMENT
Introduction
This report aims to discuss the risk assessment of an organisation. The chosen
organisation is the XYZ organisation where there are several security vulnerabilities and the
security assessment is provided for the organisation. The evaluation of the vulnerabilities,
threats and the gaps on the infrastructure of the organisation for identifying the suitable
security measures and reducing the impact of the risk on the business process is done briefly
in this report. The evaluation of the implications as this implies to the SMB data protection
for the intellectual property is provided in this report. The appropriate business strategies for
ensuring the business sustainability, availability, and reliability is provided in this report.
Discussion
Vulnerabilities, threats, and gaps in infrastructure of XYZ organisation
The malicious users are always trying to sneak in the networks and then creates
significant problems and it impact the organisation infrastructure extensively. Commonly,
the aspect of system vulnerability is the flaw or the weakness in design or the implementation
of the information system that includes the procedures of security and the controls of security
linked with the system, which could be unintentionally or intentionally exploited for
adversely affecting the assets or operations of the organisation using the loss of
confidentiality, availability or the integrity (Fragkiadakis, Tragos & Askoxylakis, 2013).
Some of the common vulnerabilities of the infrastructure of the company are:
1. Improper system configuration.
2. Insecure/exposed Ports
3. Indiscriminate enabling of services
4. 8. Easy access to information.
5. Poor anti-virus implementation.
Security Assessment: Risk Assessment and Security Vulnerabilities in XYZ Organisation_3
3
SECURITY ASSESSMENT
6. Poor firewall deployment.
7. Week password implementation.
8. Application backdoors.
9. Downloading of files and applications from sites that are not trusted.
10. Lack of appropriate security policies.
11. Unsecure applications/programs as a result of poor programming practices.
Some of the common security threats to the infrastructure of the organisation are:
Spam: several organisations in the present world are facing this security threat and it
leads to the theft of all the data of the organisation. The malicious users of inject several spam
emails in the server of the company and when the users open these emails then sometimes
viruses are downloaded in the systems.
DDoS attacks: The servers of any organisation is the primary target in these attacks.
These attacks are intended to damage the network of the company or disrupt the regular
working of the network (Fragkiadakis, Tragos & Askoxylakis, 2013).. With the leveraging of
the web, the NTP and the DNS servers, the strength and the size of the DDoS attack can be
amplified. While the conventional PC based botnets cannot be replaced by the servers, the
increased capacity of computing and the bandwidth enables these attackers to execute the
destructive attacks.
Web application attacks: The cyber criminals launches the web attacks like the cross-
site request forgery (CSRF), SQL injection, and cross-site scripting (XSS) and tried to break
in the applications and then steal the data for achieving profit. Moreover, the attackers targets
the vulnerable web servers and then install the malicious code for transforming these attacks
for the sources of DDoS attacks.
Security Assessment: Risk Assessment and Security Vulnerabilities in XYZ Organisation_4

End of preview

Want to access all the pages? Upload your documents or become a member.

Related Documents
IT Security and Risk Management: Threats, Malware, and Solutions
|17
|4012
|187

Information Systems Security: IT Security Fundamentals, Vulnerabilities, and IBM Security Architecture
|5
|747
|57

Computer Security: Elements, Issues, and Frameworks
|15
|5037
|1

ISY2003 Information Security
|15
|2806
|80

Network Security Threats and Recommendations
|5
|1141
|66

Information Security Management
|11
|1872
|423