Analyze three specific potential malicious attacks
Computer Network Security
You have just been hired as an Information Security Engineer for a videogame
development company. The organization network structure is identified in the
below network diagram and specifically contains:
1) 2 – Firewalls
5) 2 – Windows Server 2012 Active Directory Domain Controllers (DC)
2) 1 – Web / FTP server
6) 3 – File servers
3) 1 – Microsoft Exchange Email server
7) 1 – Wireless access point (WAP)
4) 1 – Network Intrusion Detection System (NIDS)
8) 100 – Desktop / Laptop computers
9) VoIP telephone system
The CIO has seen reports of malicious activity being on the rise and has
become extremely concerned with the protection of the intellectual property
and highly sensitive data maintained by your organization. As one of your
first tasks with the organization, the CIO requested you identify and draft a
report identifying potential malicious attacks, threats, and vulnerabilities
specific to your organization. Further, the CIO would like you to briefly
explain each item and the potential impact it could have on the organization.
Write a four to five page paper in which you:
1. Analyze three specific potential malicious attacks and / or threats
that could be carried out against the network and organization.
2. Explain in detail the potential impact of the three selected malicious
attacks.
3. Propose the security controls that you would consider implementing in
order to protect against the selected potential malicious attacks.
4. Analyze three potential concerns for data loss and data theft that may
exist in the documented network.
5. Explicate the potential impact of the three selected concerns for data
loss and data theft.
6. Propose the security controls that you would consider implementing in
order to protect against the selected concerns for data loss and data theft.
7. Use at least three quality resources in this assignment (no more than
2-3 years old) from material outside the textbook. Note: Wikipedia and similar
Websites do not qualify as quality resources.
Your assignment must follow these formatting requirements:
• Be typed, double spaced, using Times New Roman font (size 12), with
one-inch margins on all sides; citations and references must follow APA or
school-specific format. Check with your professor for any additional
instructions.
• Include a cover page containing the title of the assignment, the
student’s name, the professor’s name, the course title, and the date. The
cover page and the reference page are not included in the required assignment
page length.
The specific course learning outcomes associated with this assignment are:
• Explain the concepts of information systems security as applied to an
IT infrastructure.
• Describe the principles of risk management, common response
techniques, and issues related to recovery of IT systems.
• Describe how malicious attacks, threats, and vulnerabilities impact an
IT infrastructure.
• Explain the means attackers use to compromise systems and networks,
and defenses used by organizations.
• Use technology and information resources to research issues in
information systems security.
• Write clearly and concisely about network security topics using proper
writing mechanics and technical style conventions
