PricingBlogAbout Us

IT Security Analysis for Red Star Nationwide Insurance

Verified

Added on  2022/08/16

|8
|832
|14
Homework Assignment
AI Summary
This assignment presents an in-depth analysis of IT security, focusing on a New York City branch's IT assets, including desktop PCs, LANs, and various servers. It identifies and categorizes cyber-security threats such as ransomware, phishing, data leakage, hacking, and insider threats, while also proposing corresponding countermeasures. The analysis then highlights the Global HR database as a critical IT asset, detailing potential threats like excessive privileges, data leakage, data corruption, DoS attacks, and unauthorized access to sensitive data. It provides specific countermeasures for each threat. Finally, the assignment recommends an incremental backup strategy for Red Star Nationwide Insurance (RSNI), explaining its characteristics and advantages, emphasizing its efficiency in terms of time, storage, and cost-effectiveness.
tabler-icon-diamond-filled.svg

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.
Document Page
Running head: ANALYSIS OF IT SECURITY
ANALYSIS OF IT SECURITY
Name of student
Name of university
Author’s note:
tabler-icon-diamond-filled.svg

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
1ANALYSIS OF IT SECURITY
Question 1:
Branch name:
New York City
Analysis of IT assets:
In this branch of New York City, the IT assets are the followings:
445 Desktop PCs
20 LANs
Print Server
Email server
FTP server
Global HR database
Global Customer database
Analysis of targets in IT system:
Global HR database
FTP server
Email server
Desktop Pcs
Question 2:
Analysis of cyber-security threats:
Document Page
2ANALYSIS OF IT SECURITY
Some of the most significant cyber-security threats that this organization needs to consider
are the followings:
Ransomware:
In this type of security threat, data is encrypted through application of malware and in order
to obtain access those data, owner of data needs to pay ransom and therefore, it is a popular
security exploitation technique preferred by hackers as well.
Phishing:
It is a popular security exploitation technique in which access to sensitive information is
ensured where person who is implementing this technique present them as a legitimate person
to obtain trust of owner of data.
Data leakage:
Data leakage refers to flow of data from data sources which is then accessed by someone who
is not authorized to access those data.
Hacking:
It refers to process of obtaining access to IT assets of an organization from outside of the
organization and obtain important organizational data as well.
Insider threat:
Sometime employees of organization leaks data mistakenly or intentionally which is an
important threat for any IT security of an organization as well.
Categorization of threats:
Type of threats Category of threats
Document Page
3ANALYSIS OF IT SECURITY
Ransomware External
Phishing External
Data leakage External
Hacking External
Insider threat Internal
Analysis of counter measures for identified threats:
Ransomware:
Increase self-awareness among employees
Install proper anti-virus and malware protection software
Ensure data back-up
Phishing:
Employees should not provide any sensitive information to anyone outside
organization
Do not respond to emails that are not sent from authentic sources
Turn on spam filter
Data leakage:
Ensure strong password and authentication for IT devices that have access to
organizational data
Application of encryption software
tabler-icon-diamond-filled.svg

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
4ANALYSIS OF IT SECURITY
Regular data audit
Hacking:
Application of network firewalls
Security policies regarding data access
Detailed strategies to provide and remove access
Enhance awareness of employees and provide training
Insider threat:
Limit access of employees to data
Provide training to employees to ensure that they have proper knowledge how to
ensure data security
Ensure employee activities are properly monitored for enhancing data security
Analysis of most important IT asset:
The name of the IT Asset
Global HR database
Cyber-security threats against this particular IT asset
Excessive privileges:
Excess privileges might lead to illegal access to data and sharing this data outside
organization which affects organizational security and privacy as well.
Data leakage:
Document Page
5ANALYSIS OF IT SECURITY
Data might be accessed by someone outside organization through exploitation of data base
security.
Data corruption:
Data might be corrupted for issues in database storage and this is an important security issue
as well.
DoS attack:
In this security issue, entire database server slows down and it is not possible for someone to
access data from database as well.
Access to sensitive data:
It is possible to identify required credentials to access database and obtain sensitive data as
well.
The countermeasures that are applied to protect this particular IT Asset
Excessive privileges:
In order to manage this security issue, it is required to limit access of employees to database
and access should be provided according to roles of employees as well.
Data leakage:
Application of strong password and authentication for access to data
Data corruption:
Ensure data backup
DoS attack:
Document Page
6ANALYSIS OF IT SECURITY
Reduce time for connection establishment, apply dynamic backlog mechanism and apply a
network Intrusion Detection System or IDS.
Access to sensitive data:
Encrypt sensitive data and apply controls and permission for accessing database as well.
Question 3:
Red Star Nationwide Insurance (RSNI) need to consider "the weekly backup" which is in
accordance with the industry regulations. And, for fast end-of-the-week backup, storage
requirement should be less and it needs to be cost effective so that it is possible to save some
money required for purchasing the memory space. In this context, type of backup that is
recommend is incremental backup.
Explanation of the characteristics of the backup type
Backup is taken weekly
Only data that is modified from previous backup is copied
It only consider files that are modified from previous access to these data
Analysis of the advantages of the backup type
Only smaller amount of data is copied
Requires less time for back-up
Requires less storage to store data
Cost effective
tabler-icon-diamond-filled.svg

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
7ANALYSIS OF IT SECURITY
chevron_up_icon
1 out of 8
circle_padding
hide_on_mobile
zoom_out_icon
logo.png

Your All-in-One AI-Powered Toolkit for Academic Success.

  +13062052269
info@desklib.com

Available 24*7 on WhatsApp / Email

[object Object]
Unlock your academic potential

© 2024   |   Zucol Services PVT LTD   |   All rights reserved.