Threat and How Is it

¶ … threat and how is it exploited? Provide two (2) examples to support your reasoning. One of the most common security threats is in the form of malicious software such as viruses, worms, Trojan horses ("Top 9 IT security threats of 2009," Net Security, 2009). Although antivirus software can protect users against some of these threats, no program is perfectly up-to-date, and new threats are being generated all of the time.

Employees may get in the habit of opening up email without thinking of the source, or may be sent email that is 'spoofed' using a name of a familiar client. When employees are allowed to surf online in an unrestricted fashion, a normally friendly site can have malicious adware installed, causing the employees to stumble upon it in their casual surfing and to affect the whole network. A second threat is that of 'phishing' where classified data can be obtained through apparently legitimate questions sent to employees.

Proper training of employees in Internet security safety protocols is essential ("Top 9 IT security threats of 2009," Net Security, 2009). Question 2: Identify a high risk threat and explain the relationship between its impact and likelihood. "A PC is most vulnerable to attacks launched before the software maker has devised and released the necessary fix" (Brandt 2009). Security threats that are left 'unpatched,' or when there is a delay between the creation of the patch and the installment, can leave the system vulnerable to attacks by Malware and viruses.

Of course, it is possible in the case of a protected and enclosed work Intranet, where employees are carefully prepared to monitor their browsing and web-surfing (or there are blocks upon the non-work use of such applications) that the threat will not be exploited. But no company can be assured of this, no matter how well-prepared. Question 3. Are all security concerns vulnerabilities? Explain why or why not and provide two (2) examples to support your reasoning. Not all security concerns are vulnerabilities in the sense that they are system failures.

In the case of 'malicious insiders,' employees with grievances against the company may exploit their knowledge and use this to infiltrate the system. These users have critical data because they are trusted by management. Instead, these employees use their position for nefarious purposes. In this instance, the fault is employee screening on HR's part rather than the system. Physical vulnerabilities, such as users who leave their systems running while still logged in can also create security concerns, even in the case of a secure system.

While systems should have automatic log-outs after a specific period of time, it is impossible for a system to be totally secure if it is being used by an employee who does not follow proper security protocols. Question 4: Identify five (5) important documentation types necessary for the assessment and explain why they are important. Network-based testing tests "components of application vulnerability assessment, host vulnerability assessment, and security best practices" ("Security assessment questionnaire," CMU, 2011).

It is used to "assess the ease with which any outsider could exploit publicly available information or social engineering to gain unauthorized access" from the internet or intranet due to weak encryption, authentication, and other vulnerabilities ("Security assessment questionnaire," CMU, 2011). Host-based assessment evaluates the "the health and security of given workstation or server" ("Security assessment questionnaire," CMU, 2011). It assesses if security controls like anti-virus software are up-to-date and indentifies if unnecessary services are running.

It also assesses how up-to-date and vulnerable security controls may be on a workstation; just like network testing does on a general level. Application assessment assesses the "functionality and resilience of the compiled application to known threats," focusing.