Monday, 7 May 2018

Security Audit

EXERCISE

1. Discuss the purpose of a security audit, how it is managed and how to action the outcomes.
  •  It can be happen before the threats, the security have to be check first. It is security of an organization physical, financial and computer access that controls the procedures and systems to determine its level of vulnerability to attacks or intrusions from unauthorized access. 
How it is manage?
  • It is managed by evaluating the scope of information security management organization and determine whether essential security functions are being addressed effectively.
How to action the outcomes?
  •  We have to update our security systems to prevent from unauthorized access.
2. Explore the range of vulnerability tests to detect weakness in security systems.
  • Software program to discover flaws - to tests the system by sending out remote threats in order to ensure the system is capable of holding against security threats.
  • Improves the speed of re-mediating highest risk vulnerabilities.
  • Using host based to identifies the issues in the system.
  • Vulnerability scanning - potential targets for DOS attacks.
  • Password cracking - used to test and detect weak passwords that should be changed.
3. Provide an outline problem scenario for testing and review possible outcomes.

Problem: Abuse of User Account Privileges
  • Most attacks were carried out by insider. Whether t's because of honest mistakes (accidently sending info to the wrong email address or losing a work device), intentional leaks and misuse of account privileges, the people inside you business represent one of the biggest security problems you'll ever face because these threats come from trusted users and systems, they're also among the hardest to identify and stop. 
4. Produce an audit document showing the range of tests on IT systems and networks (e.g. LANs/WANs and wireless networks).

 
 
 
 



REFERENCES

What is security audit? definition and meaning

BusinessDictionary.com. (2018). What is security audit? definition and meaning. [online] Available at: http://www.businessdictionary.com/definition/security-audit.html [Accessed 8 May 2018].

 

Information Security Management Audit/Assurance Program

Isaca.org. (2018). Information Security Management Audit/Assurance Program. [online] Available at: https://www.isaca.org/Knowledge-Center/Research/ResearchDeliverables/Pages/Information-Security-Management-Audit-Assurance-Program.aspx [Accessed 8 May 2018].


 Bhatti. (2012). Audit Checklist for Information SystemsSlideshare.net. Retrieved 8 May 2018, from https://www.slideshare.net/ATBHATTI/audit-checklist-for-information-systems-14849697

Dosal, E.

Dosal, E. (2018). 5 Common Network Security Problems and Solutions. [online] Compuquip.com. Available at: https://www.compuquip.com/blog/5-common-network-security-problems-and-solutions [Accessed 10 May 2018].


 


Posted by at

1 comment:

  1. areebashaikh23 February 2021 at 09:33

    computer repair nj Pretty good post. I just stumbled upon your blog and wanted to say that I have really enjoyed reading your blog posts. Any way I'll be subscribing to your feed and I hope you post again soon. Big thanks for the useful info.

    ReplyDelete

Subscribe to: Post Comments (Atom)