Potential Security Weakness l: Hardware Vulnerability Aircraft Solution has a firewall vulnerability that weakens the network infrastructure. There are insufficient firewalls protecting Ass’s headquarters, currently there is only one Firewall between the Defense Division (AD) router and the main router. A firewall establishes a barrier between a trusted, secure internal network and another network (e. G. , the Internet) that is not assumed to be secure and trusted.
The Chula Vista site lacked a firewall connection resulting in a direction connection to the Internet.Without a firewall in place, all of the company computers are directly accessible to anyone on the Internet. Possible network infrastructure threats arise from two sources, external and internal resources. In recent years, a growing best practice has been to deploy firewalls not only at the traditional network perimeter-where the private corporate network meets the public Internet-but also throughout the enterprise network in key internal locations, as well as at the WAN edge of branch office networks (Deploying Firewalls Throughout Your Organization, 2014).
This distributed- firewall strategy helps protect against internal threats, which have historically accounted for a large percentage of cyber losses, according to annual studies conducted by the Computer Security Institute (CSS) (Tyson, 2014). External hearts are still a matter of concern, considering most external attacks focus on crashing computers and .NET,forks by using Denial Of Service (DOS) attacks. Hackers are searching for confidential data that they can abuse for profit, such as sales contacts, financial data, or customer account information.
Still others might be amassing hundreds or thousands of computers from which to launch a distributed attack against a single network on the Internet (2013 Threat Report, 2014). More than ever, Ass’s network infrastructure is vulnerable to cyber threats; according to Websites. Com, 2012 was a significant year in cyber- attacks on businesses and governments, on average 70 percent of its customers experienced a weekly average of 1 , 719 attacks per 1,000 users.
These attacks include web threats initiated through social media, mobile devices, email and other attack vectors.Should Aircraft Solution not reinforce its company’s firewall, their financial and their customer’s financial and intelligence data may be compromised or stolen. The negative effects of that this may have to their business reputation could devastate the company financially to the point of removing themselves from the market. Recommendation: As a recommendation for Potential Security Weakness II: Policy Vulnerability Aircraft Solutions weak security policy, requires that all firewalls and router rule sets are evaluated every two years.Firewall rules set reviews are performed to significantly strengthen an organization’s perimeter security and N.
B.,fork segmentation, and to verify that the .NET. ‘org segmentation meets best practices and supports the client’s/ customer needs. Frequent and thorough firewall audits are critical to reduce business risk exposures on an on. Going basis, and are also required for to demonstrate compliance with many information security isolations and best practices (techno.
Microsoft. Com, 2014).A cycle of every two years seems dangerous and reckless since technology and attacks with technology are evolving daily. The likelihood of a threat is high, because the assessment are done every two years.
Its necessary to review the firewall log, it may reveal unauthorized access attempts from within or outside the network, Unsuccessful logins to Ass’s firewall or to other critical servers could be a sign of a penetration attempt, and may prompt AS to block or drop all connections from that domain or IP address as a rule.The same goes for unexpected outbound connection, it may be a sign that an unauthorized user has gained access to the system and is using it as a launching pad for spam or to attack other computers from AS servers (Deploying Firewalls Throughout Your Organization, 2014). The consequence of not evaluating the firewall and router rules is the amount of time and money that AS would have to spend to repair and assess the damage created by Edward.
If the Edward aids the attacker access the Headquarter servers where then it may compromises the company files giving access to customer’s designs.