Question

student name: When securing the modern enterprise, consider that IT systems do not operate alone. Securing...

student name:

When securing the modern enterprise, consider that IT systems do not operate alone. Securing them involves securing their interfaces with other systems as well. It is important to know the different interconnections each system may have.

Fill out the table below for four IT systems. Include the following:

  • Note two enterprise systems they connect with and their connection type.
  • Note two security vulnerabilities the connection may have and 2 to 4 ways each vulnerability could be potentially exploited.

Consider the following as you build your table:

  • Two example rows have been entered into the table.
  • Keep in mind that enterprise systems cover a certain task in the enterprise (HR, CRM, identity management, etc.). They are not the components of a system (such as servers).
  • Connections can often be a direct connection/pipe, a file, a common database or something else.
  • The vulnerability is what would make the connection vulnerable to an attack.
  • The related risk is an attack that could target the weakness.

IT System

Target System

Connection Type

Possible Security Vulnerability

Related Risk

Example HR System

Identity Management System

Feeder File

File could be modified.

User rights might not be correctly updated.

Example

Customer Relationship

Management (CRM)

1. Sensitive Data

2. System Data

Web communications (https)
  1. TCP/IP (denial-of-service attacks)
  2. Cross-site scripting (XSS or CSS)
  1. Mail bombs
  2. Temporarily cease operation
  3. Theft of data and information
  4. Content spoofing
  5. Not to be in compliance
  6. Control of user browser
  7. Deliver malware or warm
  8. Execute arbitrary commands
  9. Control of user account on vulnerable web application

Please type your answer

Engineering   Computer-Science   
0 0
Add a commentTranscribed image text
Next >

Homework Answers

Answer #1
IT System Target System Connection Type Possible Security Vulnerability Related Risks
Employee Management System Identity Management System Database Connection Misconfiguration System unavailability
Home Systems Home desktops or Laptops External Drives No antivirus or firewalls Loss of data
Data Warehouses Information Management System Web communications (https) Denial of service or Man in the middle   Unavailability of statistics and data
Enterprise Resource Planning System Management System Feeder File File could be modified. Access rights might not be correctly updated.
0 0
Know the answer?
Your Answer:

Post as a guest

Your Name:

What's your source?

Earn Coins

Coins can be redeemed for fabulous gifts.

Log In

Sign Up

Not the answer you're looking for?
Ask your own homework help question
Similar Questions
Student name: When securing the modern enterprise, consider that IT systems do not operate alone. Securing...
Student name: When securing the modern enterprise, consider that IT systems do not operate alone. Securing them involves securing their interfaces with other systems as well. It is important to know the different interconnections each system may have. Fill out the table below for four IT systems. Include the following: Note two enterprise systems they connect with and their connection type. Note two security vulnerabilities the connection may have and 2 to 4 ways each vulnerability could be potentially exploited....
Lesson 2 – Cybersecurity Terminology Term / Concept 2FA (2-Factor Authentication) APT (Advanced Persistent Threat) Breach...
Lesson 2 – Cybersecurity Terminology Term / Concept 2FA (2-Factor Authentication) APT (Advanced Persistent Threat) Breach Cyberattack Data breach Endpoint security Hardening IDS (Intrusion Detection System) Least privilege Malware Patch management Penetration testing Proxy server Risk Security policy Social engineering Threat Threat vector Trusted network Vulnerability Description / Definition Requires two pieces of evidence or credentials to gain access to an account or other secure/restricted area. A set of hacking processes targeting a specific entity –usually nations or organizations attacking...
QUESTION 1 Advanced Security Inc. was hired by the Treasury Bank Inc. for securing their systems....
QUESTION 1 Advanced Security Inc. was hired by the Treasury Bank Inc. for securing their systems. The first thing they did was implement the best practice if separation of domains. As a result of this The bank had to get a new domain name. any change made in the records points to only one party who could have made that change. If you are a technical person, you must have office in a particular area of the building. accessing outside...
1. Which of the following would NOT be considered an example of cyber terrorism? a. An...
1. Which of the following would NOT be considered an example of cyber terrorism? a. An attack on a system for personal gain b. An attack with the purpose of gaining publicity c. Giving out disinformation d. Changing the content of a Web page 2. What type of system is typically involved in a low-security/low priority attack that still causes significant problems? a. Economic b. general c. military d. cyber 3. Which of the following would be a form of...
Case Study 1: American Water Keeps Data Flowing American Water, founded in 1886, is the largest...
Case Study 1: American Water Keeps Data Flowing American Water, founded in 1886, is the largest public water utility in the United States. Headquartered in Voorhees, N.J., the company employs more than 7,000 dedicated professionals who provide drinking water, wastewater and other related services to approximately 16 million people in 35 states, as well as Ontario and Manitoba, Canada. Most of American Water's services support locally managed utility subsidiaries that are regulated by the U.S. state in which each operates...
American Water, founded in 1886, is the largest public water utility in the United States. Headquartered...
American Water, founded in 1886, is the largest public water utility in the United States. Headquartered in Voorhees, N.J., the company employs more than 7,000 dedicated professionals who provide drinking water, wastewater and other related services to approximately 16 million people in 35 states, as well as Ontario and Manitoba, Canada. Most of American Water’s services support locally-managed utility subsidiaries that are regulated by the U.S. state in which each operates as well as the federal government. American Water also...
In today’s mobile, cloud-first world, organizations are allowing unprecedented levels of work to be completed from...
In today’s mobile, cloud-first world, organizations are allowing unprecedented levels of work to be completed from outside of the office. Employees and employers both benefit from the flexibility and efficiency that arises when workers can perform their duties from coffee shops, airports, their homes, and more. As such, providing employees with the ability to work remotely is an excellent way to attract and retain a talented, productive team. The devices and security measures used throughout an organization play a significant...
1) Which of the following is not a valid way that a CRM system can collect...
1) Which of the following is not a valid way that a CRM system can collect information? A. accounting system B. order fulfillment system C. inventory system D. customer’s personal computer 2)Which of the following is a common marketing CRM metric? A. number of new prospective customers B. average number of service calls per day C. average time to resolution D. cost per interaction by marketing campaign 3)Which question below represents a CRM reporting technology example? A. Why did sales...
Funding an IS project through a Chargeback method involves: Pricing the IS service out for the...
Funding an IS project through a Chargeback method involves: Pricing the IS service out for the customer buying the end product Direct billing by the firm for IS resources or services to the department that uses them Direct billing by the manager of a function for IS resources or services to an employee that uses them An accounting process that reduces tax liability for capital investments All of the following are attributes of considering IS costs as Overhead except the...
INTRODUCTION TO MARKETING Question: Identify TWO target segments for the NOBU brand and briefly describe each...
INTRODUCTION TO MARKETING Question: Identify TWO target segments for the NOBU brand and briefly describe each using the relevant concepts covered in this course Traveling in Nobu Style: Converting Restaurant Patrons to Hotel Guests The name “Nobu” is synonymous with an exceptional Japanese dining experience, perfected by chef Nobu Matsuhisa over a more than 30-year career. Matsuhisa, together with actor Robert De Niro and restaurateur Drew Nieporent, opened the first Nobu restaurant in 1994 and to date, there are now...
ADVERTISEMENT
Need Online Homework Help?

Get Answers For Free
Most questions answered within 1 hours.

Ask a Question
ADVERTISEMENT