Chat with us, powered by LiveChat Identify 1 potential Hardware and 1 Potential Software weaknesses | Writedemy

Identify 1 potential Hardware and 1 Potential Software weaknesses

Identify 1 potential Hardware and 1 Potential Software weaknesses

Question

Identify 1 potential Hardware and 1 Potential Software weaknesses from the Quality Web Design Company scenario below. Choose the most serious weakness in both cases.

To define the asset or policy with sufficient detail to justify your assessment, your assessment must include:

* the vulnerability associated with the asset
* the possible threats against the asset or policy
* the likelihood that the threat will occur (risk)
* the consequences to mission critical business processes should the threat occur
* how the organization’s competitive edge will be affected should the threat occur

Company Overview
Quality Web Design (QWD) is an organization that specializes in Web site and Web content design for all types of businesses. QWD’s mission is to provide top quality Web design that will increase consumer generated revenue to QWD’s customer Web sites. QWD’s database contains over 250,000 proprietary images and graphical designs that will enhance most Web site’s appeal to a target demographic.
Business Processes
Quality Web Design has several mission critical business processes. First is the use of the repository of Web site templates, custom written scripts and/or custom applications. This repository is stored in a Microsoft Visual Studio Team Foundation Service (TFS) server. This application is used to monitor the project development lifecycle of custom Visual Studio applications from inception to deployment, including the quality assurance testing phase. Other critical business processes are QWD’s accounting, payroll and Marketing operations all of which are supported by IT assets. There are strict technology-based access controls associated with each of these systems to ensure that only authorized personnel cam access tje,.
Digital Assets
These are shown in the network diagrams below
WAN
• (2) T1 Frame Relay circuits connected to the Internet.
• ISP controlled Internet routers
• Corporate Firewall Model: Juniper ISG2000 integrated Firewall, VPN, and Intrusion Detection and Prevention system. Remote office firewall is a Juniper SSG140.
• L2TP/IPSec VPN tunnel between the corporate firewall and the office firewall to allow for secure data flow.
Corporate Office
• Internal LAN switch is an HP 5400zl series with 147 ports with 10/100/1000 GB connectivity.
• (2) HP ProCurve MSM410 Access Point US wireless access points.
• Microsoft TFS code repository consists of 1 Web server, 1 application server, and 1 database code repository.
• Web server includes, Microsoft Share Point portal for department document and Web sites. Corporate intranet site.
• Microsoft SQL 2008 Database server used for storage of custom designed graphics and custom application image control system.
• File and Print server services.
• Microsoft Exchange 2007 email servers, include (2) Client Access (CAS) and Hub Transport (HT) Servers, 1 backend mailbox servers.
• HP Storage Works SAN with 6 TB disk space.
• (2) Microsoft Windows 2008 domain controllers.
• Approximately 50 user computers, 35 laptops and 15 desktops.
• (4) network printers
• (30) Mobile devices, IPhones, and Windows Mobile 6 devices.
Remote Office:
• HP ProCurve Switch 3500yl-48G0PWR intelligent Edge. This is a 48 10/100/1000 GB port intelligent switch.
• (2) HP ProCurve MSM410 Access Point US wireless access points.
• Microsoft TFS code repository, consists of 1 Web server, 1 application server that connects to the database server in the corporate office through the IPSec tunnel.
• (2) Microsoft Windows 2008 domain controllers.
• File and Print server services.
• Approximately 20 user computers, 15 laptops and 5 desktops.
• (2) Network printers
• (15) Mobile devices consisting of IPhones, and Windows Mobile 6 devices.

Externally Published Services
Corporate and remote offices have the following services that are accessible for employees. From corporate owned computer or mobile device employees can access VPN, Outlook Web Access for email, or Active Sync for Exchange server. On any computer in the world employees can access Outlook Web Access for email. Customers are only allowed to access to the Corporate Web site.

Security Controls
There is a published corporate security manual that covers the following security practices. Username standard including having a separate account for any elevated privileges. Password length, complexity, rotation and history requirements. Data classification levels depend upon what type of data each system contains and security group accounts control access to each data classification level. Security training is also describe and required communications quarterly and annual training classes.

Identify 1 potential Hardware and 1 Potential Software weaknesses from the Quality Web Design
Company scenario below. Choose the most serious weakness in both cases.

To define the asset or policy with sufficient detail to justify your assessment, your assessment
must include:
* the vulnerability associated with the asset
* the possible threats against the asset or policy
* the likelihood that the threat will occur (risk)
* the consequences to mission critical business processes should the threat occur
* how the organization’s competitive edge will be affected should the threat occur

Company Overview
Quality Web Design (QWD) is an organization that specializes in Web site and Web
content design for all types of businesses. QWD’s mission is to provide top quality Web design
that will increase consumer generated revenue to QWD’s customer Web sites. QWD’s database
contains over 250,000 proprietary images and graphical designs that will enhance most Web
site’s appeal to a target demographic.
Business Processes
Quality Web Design has several mission critical business processes. First is the use of
the repository of Web site templates, custom written scripts and/or custom applications. This
repository is stored in a Microsoft Visual Studio Team Foundation Service (TFS) server. This
application is used to monitor the project development lifecycle of custom Visual Studio
applications from inception to deployment, including the quality assurance testing phase. Other
critical business processes are QWD’s accounting, payroll and Marketing operations all of which
are supported by IT assets. There are strict technology-based access controls associated with
each of these systems to ensure that only authorized personnel cam access tje,.
Digital Assets

These are shown in the network diagrams below
WAN

(2) T1 Frame Relay circuits connected to the Internet.

ISP controlled Internet routers

Corporate Firewall Model: Juniper ISG2000 integrated Firewall, VPN,
and Intrusion Detection and Prevention system. Remote office firewall is a
Juniper SSG140.

L2TP/IPSec VPN tunnel between the corporate firewall and the office
firewall to allow for secure data flow.

Corporate Office

Internal LAN switch is an HP 5400zl series with 147 ports with
10/100/1000 GB connectivity.

(2) HP ProCurve MSM410 Access Point US wireless access points.

Microsoft TFS code repository consists of 1 Web server, 1 application
server, and 1 database code repository.

Web server includes, Microsoft Share Point portal for department
document and Web sites. Corporate intranet site.

Microsoft SQL 2008 Database server used for storage of custom designed
graphics and custom application image control system.

File and Print server services.

Microsoft Exchange 2007 email servers, include (2) Client Access (CAS)
and Hub Transport (HT) Servers, 1 backend mailbox servers.

HP Storage Works SAN with 6 TB disk space.

(2) Microsoft Windows 2008 domain controllers.

Approximately 50 user computers, 35 laptops and 15 desktops.

(4) network printers

(30) Mobile devices, IPhones, and Windows Mobile 6 devices.

HP ProCurve Switch 3500yl-48G0PWR intelligent Edge. This is a 48

Remote Office:
10/100/1000 GB port intelligent switch.

(2) HP ProCurve MSM410 Access Point US wireless access points.

Microsoft TFS code repository, consists of 1 Web server, 1 application
server that connects to the database server in the corporate office through
the IPSec tunnel.

(2) Microsoft Windows 2008 domain controllers.

File and Print server services.

Approximately 20 user computers, 15 laptops and 5 desktops.

(2) Network printers

(15) Mobile devices consisting of IPhones, and Windows Mobile 6
devices.

Externally Published Services
Corporate and remote offices have the following services that are accessible for employees.
From corporate owned computer or mobile device employees can access VPN, Outlook Web
Access for email, or Active Sync for Exchange server. On any computer in the world employees
can access Outlook Web Access for email. Customers are only allowed to access to the
Corporate Web site.
Security Controls
There is a published corporate security manual that covers the following security practices.
Username standard including having a separate account for any elevated privileges. Password

length, complexity, rotation and history requirements. Data classification levels depend upon
what type of data each system contains and security group accounts control access to each data
classification level. Security training is also describe and required communications quarterly and
annual training classes.

Our website has a team of professional writers who can help you write any of your homework. They will write your papers from scratch. We also have a team of editors just to make sure all papers are of HIGH QUALITY & PLAGIARISM FREE. To make an Order you only need to click Ask A Question and we will direct you to our Order Page at WriteDemy. Then fill Our Order Form with all your assignment instructions. Select your deadline and pay for your paper. You will get it few hours before your set deadline.

Fill in all the assignment paper details that are required in the order form with the standard information being the page count, deadline, academic level and type of paper. It is advisable to have this information at hand so that you can quickly fill in the necessary information needed in the form for the essay writer to be immediately assigned to your writing project. Make payment for the custom essay order to enable us to assign a suitable writer to your order. Payments are made through Paypal on a secured billing page. Finally, sit back and relax.

Do you need an answer to this or any other questions?

About Writedemy

We are a professional paper writing website. If you have searched a question and bumped into our website just know you are in the right place to get help in your coursework. We offer HIGH QUALITY & PLAGIARISM FREE Papers.

How It Works

To make an Order you only need to click on “Order Now” and we will direct you to our Order Page. Fill Our Order Form with all your assignment instructions. Select your deadline and pay for your paper. You will get it few hours before your set deadline.

Are there Discounts?

All new clients are eligible for 20% off in their first Order. Our payment method is safe and secure.

Hire a tutor today CLICK HERE to make your first order