Conduct an IT security assessment in the company of your choice and provide a report about your findings. Your report should include (but not be limited to) the following:
I. An overview of the company IT infrastructure:
a) Relevant application software
b) OS and other system software
- Networks (communication)
- What kinds of AAA policies AAA (Authentication, Authorization, and Accounting) are there?
II. A description of the possible vulnerabilities and threats. You do not need to address every possible threat – choose only the most relevant ones. Name and explain 5-10 threats of your choice.
- What are the possible threats to the corporate digital assets?
- What are the vulnerabilities (lack of protection against the threats)? You may report as many vulnerabilities as you have found. Place each vulnerability into a correct category, e.g. “A wireless network device vulnerability through a weak password”.
- How are the threats and the vulnerabilities addressed? Provide the methods used. For each threat and vulnerability, briefly state what is done to reduce it. If no protection is taken, mention it. If yes, comment on the effectiveness of the defense.
Summary: This question belongs to computer science and discusses about IT security assessment of a company. Explains possible threats to the corporate digital assets and vulnerabilities.
Total word count: 2225
Download Full Solution