100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
Summary Asset Ident.docx CMGT/431 Week 2 Security Vulnerability Report Security Vulnerability Report A vulnerability report assessment is of key importance any to most organization. Here at Toys-R-Us we know the process of securing our network infrastructur $4.99   Add to cart

Summary

Summary Asset Ident.docx CMGT/431 Week 2 Security Vulnerability Report Security Vulnerability Report A vulnerability report assessment is of key importance any to most organization. Here at Toys-R-Us we know the process of securing our network infrastructur

 20 views  0 purchase
  • Course
  • Institution

Asset I CMGT/431 Week 2 Security Vulnerability Report Security Vulnerability Report A vulnerability report assessment is of key importance any to most organization. Here at Toys-R-Us we know the process of securing our network infrastructure must go beyond patch management and antivirus softw...

[Show more]

Preview 3 out of 18  pages

  • January 26, 2021
  • 18
  • 2020/2021
  • Summary
avatar-seller
CMGT/431 Week 2

Security Vulnerability Report




Security Vulnerability Report

A vulnerability report assessment is of key importance any to most organization. Here at

Toys-R-Us we know the process of securing our network infrastructure must go beyond patch

management and antivirus software. Toys-R-Us had identified key security vulnerabilities that

will be reviewed and illustrated in the following report. Some of these vulnerabilities include

incompatible software applications, outdated or legacy hardware and software. Because Toys-R-

Us operates in stores across the country, hackers may target this company seeking financial gain.

,Therefore, the entire infrastructure must be beefed up to protect this company from outside and

inside threats.

These are issues that contribute to the vulnerability of security of the company network

and infrastructure. Customer are the focus and protecting their personal identifiable information

from outside intruders is paramount due to the increase in identify theft in our area and across the

country. Crypto-virus has reared its ugly head once again, so keeping out weaknesses in the

network infrastructure must be done right away.

Scope
The events here are within the scope of this report:
• Each Store location must endure a site visit to ascertain vulnerabilities and threats onsite.
• Key Stakeholders will meet to review findings of the attached vulnerability report.
• Building security must be evaluated and must be secured to prevent burglary.
• Bring Your Own Device (BYOD) was implemented some years back for all employees,
so training must ensue to educate all employees on the threats and prospect of how they
can prevent causing damage to the company network when plug-n-play features are used
on company equipment.




Asset Identification

Assets of a tangible and intangible nature are identified below. These various classes

must be protected from infiltration and attack.
• Value of Inventory: toys, games, bicycles, robotics, virtual reality
• Inventory accountability: what are the losses?, where is the data?
• Value of technology assets: network equipment, point of sale systems, computers,
printers, scanners, ISP providers, etc.
• Value of buildings (own or rent?)

Threat Assessment

Toys-R-Us Threats

The ensuing lists document some of the identified threats to the Toys-R-Us organization.

Disasters (Natural)
• Earthquakes
• Fires
• Floods

, Threats (Internal & External)
• Hackers
• Identity Theft
• Sabotage
• Virus/Cyber Threats




Laws, Regulations, and Policy

Toys-R-Us practices regarding personal and financial information/data collecting,
security, maintenance, as well as our practices regarding our network infrastructure are all

aligned with federal and state laws. Toys-R-Us is continually working to stay in compliance with

all state and local government entities (Federal Deposit Insurance Corporation, 2018).

Toys-R-Us Policy Overview

Currently, Toys-R-Us current policies encompass safety, security, and privacy. This

ranges from the information/data collect, information/data shared, personal, information/data

safety within stores and online, online process, cookies used, apps and software used, and e-mail

processes. The privacy policy periodically will be updated from time to time (Toys-R-Us, 2018).

Network Infrastructure Security

Found Vulnerabilities

Listed are the network infrastructure security vulnerabilities revealed thru the threat

modeling process and report. These are considered substantial and should be addressed

Network Systems Not Protected

Explanation

Based on a configurable set of rules, a secured network has software, apps and hardware

that determines which network processes/connections are allowed or denied. There are

commonly four kinds of attacks that can be prevented using correctly configured security tools:
• Spoofing
• Denial of service
• Data/Information theft

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller helperatsof1. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for $4.99. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

75759 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy study notes for 14 years now

Start selling
$4.99
  • (0)
  Add to cart