Much organizational information is confidential and its leakage to undesired entities can damage an organization. Therefore, the computer network of an organization should be secure enough to prevent or minimize data leakage. Your ability to identify security gaps in a network and to select measures to close those gaps will be critical to your organization’s success as well as to your professional success as a security professional.
Consider this scenario: You are the IT security manager for a business that has undergone rapid growth. The company network is suddenly much larger because of several key acquisitions. The Securities and Exchange Commission (SEC) has contacted your CEO regarding the possibility that private financial information regarding some of these new acquisitions has been leaked. There could be many ways the information leaked, and you have been asked to investigate gaps in network security that may allow data leakage such as eavesdropping or theft of credentials.
Based on your readings, as well as on additional information gleaned through research, write a 3- to 5-page paper for your Director of IT, analyzing the current security issue. You may assume that the network security is very basic. Identify possible gaps in securing the network and recommend solutions. Address the following points in your paper:
- Explain three possible ways that network data could leak or could be stolen.
- For each way that you have identified, how would you confirm whether or not data leakage has happened?
- What countermeasures (such as secure network protocols) would you employ to reduce the attack surface for the identified gaps? Justify your choices.
|Due By (Pacific Time)
||11/20/2015 12:00 pm