Assessment of IT security risks
different types of security, threats, and vulnerabilities
security procedures for business continuity
IT security risks assessment and treatment
IT security solutions
configuration of firewall policies and third-party VPNs
implementation of network security ...
As Junior Information Security Analyst, I have written this report at the request
of AKI Investments Ltd, to critically assess their system.
While assessing the AKI Investments system, a security breach was discovered in
the finance department. It was successfully resolved and is covered in this
report.
A quick overview of the content of this report:
Different types of security, risk, vulnerabilities, and threats.
An evaluation of physical and virtual security measures to ensure the integrity of
the AKI Investments Ltd system.
Implementation of the network security of the financial department,
explaining how a DMZ can be implemented.
Security Awareness Handbook of AKI Investments Ltd.
Security vulnerabilities are any flaws that could be exploited by bad actors. The ISO
27002 standard defines a vulnerability as a flaw in a resource or group of resources
that can be exploited by one or more threats.
Dosal, E. (2020). Available at:
https://www.compuquip.com/blog/computer-security-vulnerabilities
Types of security vulnerabilities:
Security Misconfiguration - A security misconfiguration exposes your company
to online dangers by leaving servers or web applications with insufficient
security.
SQL Injection - One of the most popular security attacks is SQL injection. It is
done by "injecting" a harmful payload into a website or program, which
has the potential to destroy your data.
Broken Authentication - When authentication keys are lost, stolen, or
breached, malicious actors may pretend to be the intended user to obtain
access to sensitive systems and data.
Security threats are any threats to deliberately target a computer system with
the intention of coercing an insured into handing over cash, securities, or other
valuable tangible or intangible property.
Orion Cassetto Director, Product Marketing (2022). Available at:
https://www.exabeam.com/information-security/cyber-security-threat/
Types of security threats:
Malware - Malicious software includes malware, viruses, adware, and
blackmail.
Password Attacks - With the correct password, an attacker has access to an
abundance of data.
Phishing - Phishing attacks use phoney correspondence, like an email, to con
the recipient into reading it and following the directions contained therein, like
entering a credit card number.
The concept of security risk covers the adverse consequences that result from a
threat to the confidentiality, integrity, or availability of information.
Watts, S. (2008). Available at:
https://www.bmc.com/blogs/security-vulnerability-vs-threat-vs-risk-whats-difference/
The possible loss or harm when a vulnerability is exploited depends on the
vulnerability's characteristics and the type of threat. If a weakness is
successfully exploited, some potential outcomes include:
Confidential data being accessed without authorization.
Disruption of workplace operations.
Malware contamination.
Financial loss.
Reputational damage.
A strategy for internet security is a subset of business continuity planning. Business
continuity planning is the process of creating a strategy to identify key business risks
that could cause significant disruption, preventing them where practical, and
preparing to enable crucial processes to continue where practical.
When it comes to cyber security, the same rules that apply to any business