Technical Paper: Risk Assessment 10 pages - 88980

  • Posted on: Thu 12 Mar, 2015
Technical Paper: Risk Assessment








CIS 502 Theories of Security Management

Strayer University

















Describe the company network, interconnection, and communication environment

The Global Finance Inc. (GFI) network has two OC 193 core circuits, 10 Gbps each, connected to the core routers located in the DMZ. The circuits are not bonded, meaning they are individual connections. A PSTN circuit is also present; it connects to a phone switch located in the DMZ and is not part of the GFI data network. The core routers and the Intranet routers have a failover configuration. The core routers sit in the DMZ with the VPN server and have direct access to the rest of the network: the Accounting, Loan, Customer Service, Management, Credit and Finance Departments, which are connected to the Trusted Computer Base Internal Network (TCBIN). Additionally, there is an off-site office that has a VPN gateway to the Cloud and from the Cloud to the Intranet. The Remote Dial-up User also has access to the PSTN network.

Assess risk based on the Global Finance, Inc. Network Diagram scenario. Note: Your risk assessment should cover all the necessary details for your client, GFI Inc., to understand the risk factors of the organization and the risk posture of the current environment. The company management will decide what to mitigate based on your risk assessment. Your risk assessment must be comprehensive for the organization to make data-driven decisions.

  1. Describe and defend your assumptions, as there is no further information from this company. The company does not wish to release any security-related information per company policy.

Based on GFI’s network, the following is the risk assessment that GFI should receive regarding its network:

Off-site VPN: According to (, 2006), there are 5 common VPN security mistakes that companies like GFI make. (Note: GFI’s VPN is promise based, which has a higher risk of security vulnerability.)

  • Skipping Real-Time Endpoint Security Monitoring

The first security mistake most companies make is skipping real-time endpoint security monitoring, or dismissing it as too costly. Most Virtual Private Networks (VPNs) are just that – a virtual, secure private communication channel that transports data from Point A to Point B, typically from an end user to a corporate network. Unfortunately, if Point A is a computer with a virus or an improperly configured firewall, then a hole has been created in the company’s network. Additionally, 95% of all security breaches occur at the browser level. In essence, remote access is given to everything on that endpoint (the user’s PC), and not just to the person sitting at the keyboard.
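One way to close this gap is a posture check that repeats for the life of the tunnel instead of running only at connect time. The sketch below is an added example, not part of the paper or of any VPN product; the `Posture` fields, the three-day signature threshold and the sample session are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

MAX_SIG_AGE = timedelta(days=3)  # assumed policy threshold, not from the paper

@dataclass
class Posture:  # hypothetical health report sent by an agent on the VPN endpoint
    taken_at: datetime
    firewall_enabled: bool
    inbound_allow_any: bool     # misconfigured firewall: accepts any inbound traffic
    av_realtime_enabled: bool
    av_signatures_at: datetime  # time of the last signature update
    active_detections: int      # malware detections not yet remediated

def evaluate(p: Posture):
    """Return (decision, reasons); decision is allow, quarantine or deny."""
    deny, quarantine = [], []
    if p.active_detections > 0:
        deny.append("unremediated malware detection")
    if not p.firewall_enabled:
        deny.append("host firewall disabled")
    elif p.inbound_allow_any:
        quarantine.append("firewall accepts any inbound traffic")
    if not p.av_realtime_enabled:
        quarantine.append("antivirus real-time protection off")
    if p.taken_at - p.av_signatures_at > MAX_SIG_AGE:
        quarantine.append("antivirus signatures out of date")
    if deny:
        return "deny", deny + quarantine
    return ("quarantine", quarantine) if quarantine else ("allow", [])

def monitor(reports):
    """Re-evaluate every report of a session; stop at the first deny (tunnel torn down)."""
    timeline = []
    for p in reports:
        decision, reasons = evaluate(p)
        timeline.append((p.taken_at, decision, reasons))
        if decision == "deny":
            break
    return timeline

# Constructed session: healthy at connect, signatures go stale, then the firewall is turned off.
T0 = datetime(2015, 3, 12, 9, 0, tzinfo=timezone.utc)
SIG = T0 - timedelta(days=2, hours=20)
SESSION = [
    Posture(T0, True, False, True, SIG, 0),
    Posture(T0 + timedelta(hours=5), True, False, True, SIG, 0),
    Posture(T0 + timedelta(hours=5, minutes=10), False, False, True, SIG, 0),
    Posture(T0 + timedelta(hours=5, minutes=20), True, False, True, SIG, 0),
]

if __name__ == "__main__":
    for when, decision, reasons in monitor(SESSION):
        print(when.isoformat(), decision, "; ".join(reasons))
```

A connect-time-only check would have admitted this endpoint and never noticed the later changes; the periodic re-evaluation is what moves it to quarantine and then drops the tunnel.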

The problem, then, is most VPN clients, especially those that are web-based, don’t do any kind of sec