• The HoneyTree was hired by another company to conduct a security audit to examine the vulnerabilities of its information systems. To complete the security audit, it must be determined if there are vulnerabilities of its informational system. The set up and the overall security of the network area will be tested. The company is a five building campus. All five buildings, inside and outside will be tested. The perimeter of the campus will also be tested to make sure that no internet service is outside the campus. In order to complete the audit a list of all users, databases, and passwords will be needed. Access to the grounds to observe who has access to what will also be crucial. ...view middle of the document...
Also, security of the buildings will be tested. Who has access to rooms and the building as a whole will be monitored. Where are the servers being stored and who has access to that will also be noted. Walking around and trying to gain access and watching people gain access to the building and rooms inside. Who has access to computer labs and if there are any security features into using these computers. While walking outside observing if there are any security cameras and who can get into the buildings. These will be tactics in observing the security outside the campus and the security measures of the buildings themselves.
• The campus area network allows an interconnection between the LANs of the campus over the network. The Wi-Fi LAN in each building allows users in the area of the building to connect to the network. The campus area network is a limited area which only allows users within the area to connect. Many users can connect to the Wi-Fi LAN. The Wi-Fi is convent with no cables needed and can transfer data at a distance. The LAN is a small area with users. The speed should be fast and efficient. A router connects the networks together. It can distribute data traffic and allow only users with usernames and passwords to access it.
• The database server is a blade server. It is a program that equally distributes applications from the server to the clients. This server stores applications such as software or other servers which then allows users who connect to the server to use them.
• The internet and email server store, collect and transmit data from person to person. Email server transmits emails from person to person. The server takes in any internet sources or emails, searches for any viruses or malware store within them. This provides another form of security through the server itself.
• The backup server is used as a backup which is a good disaster recovery plan. If something were to happen to one server or a computer, the backups will be stored on the server.
• After completing the audit, there were some vulnerabilities found in the information systems set up. First, because the LAN features Wi-Fi, it is very possible that someone could hack into the network. The threat of eavesdropping will never completely disappear. Wireless LANs use radio frequencies and even though they could be encrypted, the right technology can allow people to listen in on communications. Second, war driving will not be a huge issue at this campus due to the fact that you must be on campus to receive Wi-Fi and you must have a proper username and password in order to log on. Authentication is used for users who want to connect to Wi-Fi. A user ID and password would be provided when attending the campus. Without the proper user ID and password, the secure network would deny all access. This authentication will help prevent both the eavesdropping and war driving issue. Third, a Wi-Fi LAN with multiple users can slow down...