Question 1) You have just been hired as an Information Security Engineer for a videogame development company. The organization network structure is identified in the below network diagram and specifically contains:
i) 2 – Firewalls
ii) 1 – Web / FTP server
iii) 1 – Exchange Email server
iv) 1 – Network Intrusion Detection System (NIDS)
v) 2 – Windows 2008 Active Directory Domain Controllers (DC)
vi) 3 – File servers
vii) 1 – Wireless access point (WAP)
viii) 100 – Desktop / Laptop computers
ix) VoIP telephone system
The CIO has seen reports of malicious activity being on the rise and has become extremely concerned with the protection of the intellectual property and highly sensitive data maintained by your organization. As one of your first tasks with the organization, the CIO requested you identify and draft a report identifying potential malicious attacks, threats, and vulnerabilities specific to your organization. Further, the CIO would like you to briefly explain each item and the potential impact it could have on the organization.
Write a four to five page paper in which you:
• Analyze and assess any potential malicious attacks and threats that might be carried out against network.
• Illustrate in writing potential impact of all identified malicious attacks and threats to network and organization.
• Analyze and assess all potential vulnerabilities that might exist in documented network.
• Illustrate in writing potential impact of all identified vulnerabilities to network and the organization.
Assignment should follow these formatting requirements:
Be typed, double spaced, using Times New Roman font size 12, with one-inch margins on all sides; citations and references should follow APA or school-specific format.
Specific course learning outcomes associated with this assignment are as follows:
• Describe the concepts of information systems security as applied to the IT infrastructure.
• Explain the principles of risk management, common response techniques, and issues related to recovery of the IT systems.
• Explain how malicious attacks, threats, and vulnerabilities impact the IT infrastructure.
• Describe the means attackers use to compromise systems and networks, and defenses used by the organizations.
• Use technology and information resources to research issues in the information systems security.
• Write clearly and concisely about network security topics using suitable writing mechanics and technical style conventions.