Threat Management And Risk Assessment Computer Science Essay

Published:

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

The threats to the computers are increasing at an alarming rate due to the amount of important data present on the web. So attackers are employing different techniques to obtain the information. In this report I have made a threat analysis about 5 different servers.

Microsoft Exchange Server:

Description:

This application product was developed by Microsoft which is the server side of a server- client. Some of the features of Microsoft Exchange Server are Edge Transport, Hosted Filtering Integration, anti-spam filtering and extensibility for antivirus protection. It also provides anywhere access like email and calendaring.

Threat Identification:

Since Microsoft Exchange Server deals with internet and emailing it is prone to be affected by regular email and internet threats like Viruses, Worms and Trojans or a combination of them. Phishing, spoofing and malware also add to the list of threats. Spam messages can be dangerous because many of the files sent have hidden extensions to it and most of the computer users don't understand file extension names.

Vulnerability Identification:

Vulnerabilities can be numerous but one such kind that effects the internet applications and email messaging is E-mail injection. While submitting a form online the web page submits the data to a web application. A hacker can exploit the MIME format and add information to the data sent that changes the recipient or the data itself.

Control Analysis:

There are basically two types of threats - Behavioral and software often used in combination. Therefore security should be provided to prevent, detect and protect data/information and unauthorized users. Control measures must be taken to protect from unauthorized access, use, disclosure, disruption, modification, inspection or destruction and fulfill security goals - privacy, confidentiality, integrity and availability.

Control Recommendations/Actions:

Since this Server deals with a lot of internet and network/web application threats security measures like providing anti-viruses to the system can be done. Installing anti-virus can prevent malware, viruses and worms and using a Firewall can prevent/block unauthorized access.

Domain Controller:

Description:

A Domain Controller is a server that deals with authenticating security requests like logging in and checking/requesting permissions within a server domain. A domain allows a user to have access to any number or computer resources using a single user id and password.

Threat Identification:

Possible threats that affect the Domain controller are attempting to access the security database, Copy or modify the database, trying to change or view the information about security configuration, giving access to unauthorized user by changing the existing user rights through unauthorized administrative access, providing access by changing computer properties and allowing unapproved computers to access the domain.

Vulnerability Identification:

Penetration testing is a simulation system where we can simulate an attack from a malicious source on a network or host for checking the efficiency of the security policies. This helps in finding the vulnerabilities that are present in our system or network. Penetration testing is usually done without knowing the user authentication information but is done with full consent from the user. Penetrating testing tools can be classified into two types: Reconnaissance and Vulnerability testing tools and exploitation tools. Some of the examples for penetration testing are Nmap, Nessus and Wireshark.

Control Analysis:

The problem with Domain Controller is that the privileges and restrictions according to the employee's designation but sometimes the lower level employees can be given higher level of access.

Control Recommendations/Actions:

There are multiple ways in which we can secure a domain controller, some of the base-level security measures that can be taken in a domain controller are by using an access control list on the gateway to protect who can access the domain controller, Syskey can be used to protect the security database, by disabling all the services that are not required, access to the domain controller should be limited; separate groups for different users can be maintained.

Critix Server:

Description:

The Citrix terminal server allows access to any desktop or computer remotely and provides access to every application installed in the circle. This server is thin client. A thin client is a computer depending very much on the server or any other computer to perform the roles which it should normally do on its own.

Threat Identification:

Since the Citrix server deals with accessing system remotely there is a possibility of it getting corrupted with the Viruses, worms, malware infecting the system which it accesses.

Vulnerability Identification:

The most vulnerable point of the Citrix systems would be the vulnerability caused by the buffer overflow. The buffer overflow is an anomaly in which a program exceeds the limits and overwrites data to the adjacent memory while transferring data to the buffer which may result in a breach of the systems security.

Control Analysis:

There are standard scans and continuous scans which are configured to analyze the Citric server. The result of the standard scans is only done before the system is logged in. The standard scans cannot include the process, file and registry checks.

Control Recommendations/Actions:

Continuous scans can be used which can implement the process, file and registry checks throughout the longevity of the session.

Web Server Running IIS:

Description:

IIS is based on the architecture of modules, which can be attached or detached depending on the specific functionality needed at the given time. The modules can be HTTP, security, caching, compression and content modules.

Threat Identification:

The main threat the server using IIS is that it is very easy to install a back door on it and then install a Trojan horse.

Vulnerability Identification:

The vulnerability in the IIS can be due to Internet Server Application Programming Interface (ISAPI) which increases the risk of buffer overflow.

Control Analysis:

The web server using IIS has the major vulnerability of being susceptible to the threat of buffer overflow.

Control Recommendations/Actions:

The solution to the problem of buffer overflow can be managed by testing any application running on the web server using IIS in a sand boxed environment.

Server Running Microsoft SQL Server:

Description:

Microsoft SQL Server is a widely used relational database management system developed by Microsoft Corporation. SQL Server also supports cloud based database capabilities with the help of SQL Azure.

Threat Identification:

The threat to the Server using Microsoft SQL Server is that the database can be exploited by the flooding of DNS queries. Here, the attacker needs to duplicate the IP address of the DNS server thus exploiting port 53 which is the source port for the packets.

Vulnerability Identification:

The vulnerability of the web server using SQL server is that it can be easily misused by any intruder by running scripts in the console of the database.

Control Analysis:

The problem with web server using SQL is the same as the one with the domain Controller i.e. the privileges are given randomly, not according to the designation of the employee.

Control Recommendations/Actions:

Not everyone is allowed to run scripts. It should be made sure that administrators are the only ones who should be given permissions to run a database script.

Writing Services

Essay Writing
Service

Find out how the very best essay writing service can help you accomplish more and achieve higher marks today.

Assignment Writing Service

From complicated assignments to tricky tasks, our experts can tackle virtually any question thrown at them.

Dissertation Writing Service

A dissertation (also known as a thesis or research project) is probably the most important piece of work for any student! From full dissertations to individual chapters, we’re on hand to support you.

Coursework Writing Service

Our expert qualified writers can help you get your coursework right first time, every time.

Dissertation Proposal Service

The first step to completing a dissertation is to create a proposal that talks about what you wish to do. Our experts can design suitable methodologies - perfect to help you get started with a dissertation.

Report Writing
Service

Reports for any audience. Perfectly structured, professionally written, and tailored to suit your exact requirements.

Essay Skeleton Answer Service

If you’re just looking for some help to get started on an essay, our outline service provides you with a perfect essay plan.

Marking & Proofreading Service

Not sure if your work is hitting the mark? Struggling to get feedback from your lecturer? Our premium marking service was created just for you - get the feedback you deserve now.

Exam Revision
Service

Exams can be one of the most stressful experiences you’ll ever have! Revision is key, and we’re here to help. With custom created revision notes and exam answers, you’ll never feel underprepared again.