CMGT/400 v7
Threats, Attacks, and Vulnerability Assessment Template
Threats, Attacks, and Vulnerability Assessment
Michael Bishop
February 4, 2020
CMGT400
Threats, Attacks, and Vulnerability Assessment Target Stores, Inc.
Target Stores, Inc. is a wide-ranging products retailer with numerous stores spread across all 50 U.S. states, and it has employed more than 350,000 individuals. It plays a very significant role in improving the economy of the United States of America as well as paying strong dividends to its investors. In order to achieve the anticipated growth and stay ahead of its competitors, the company has deployed a decisive technology platform to improve its mode of operations. Despite the benefits it accrues from the deployed technology, Target Stores was a victim of a data breach in the year 2013, and due to the ever-evolving state of attacks, it is still susceptible to numerous emerging threats, attacks, and vulnerabilities (Vijayan, 2014).
Assessment Scope
The tangible assets in the company’s information system platform include hardware, software, telecommunication components, data and databases, and human resources and procedures. Additionally, there are other assets such as cloud computing environments, mobile-related information systems, virtual resources, and integrated third-party systems.
Hardware comprises the physical technology components that support information processing, including computers, printers, mobile devices, keyboards, external disk drives, and routers. In addition, servers, cameras, biometric systems, storage subsystems, networking cable, and dedicated network firewalls are notable hardware components. On the other hand, software components include system programs such as the operating system and application programs such as the banking system, point of sale system, enterprise resource planning programs, and e-commerce applications.
Data are the day-to-day business operation records, while databases or data warehouses are the components where data is recorded and stored or from which it can be retrieved. To proceed with the outlining of tangible assets, communication components involve transmission assets such as network cables, wireless network components, antennas, routers, aggregators, repeaters, load balancers, and local area network (LAN) or wide area network (WAN) aspects. On the other hand, human resource assets include the users who operate or access the company’s information systems, while the procedures involve all processes and policies created and applied in order to perform actions.
It is also imperative to consider cloud computing environments, mobile-related information systems, virtual resources, and integrated third-party systems as other important assets of the company’s information system. They include cloud provider data infrastructure and services such as infrastructure-as-a-service (IaaS) and software-as-a-service (SaaS) platforms, as well as virtual enterprise resource planning applications, business intelligence and analytical applications, office productivity suites, and many others (Vijayan, 2014).
Most of these tangible assets will be assessed in order to evaluate the level of vulnerability, to identify the threats and attacks posed to the organization, and to examine the existing countermeasures. However, internet service providers, cloud service providers, virtual resources, and integrated third-party systems will not be assessed, as this would require direct authorization from their leaders and may cause privacy issues for other companies that they provide services to.
System Model
Existing Countermeasures
Preliminary survey and research indicate that the existing countermeasures include advanced monitoring and login security systems, application whitelisting for point of sale (POS) systems and POS management tools, improved firewall rules and policies, robust user account and identity management systems, use of two-factor authentication and password vaults, and employee security training programs, as well as proper network segmentation. The company has also regulated the points of interaction between different units within the information system structure, for example with firewalls that monitor inbound and outbound traffic.
In addition, a risk management plan and vulnerability assessment are also utilized frequently, with the core aspects evaluated being tasks or workflows, people, technology, and the entire structure. This helps to identify emerging vulnerabilities and threats as well as to implement appropriate security solutions such as patches and updates. Finally, the company sought to limit and control vendor access to various resources, in addition to implementing comprehensive account re-configuration frameworks in order to deactivate the accounts of former personnel and contractors (Post & Kagan, 2017).
Threat Agents and Possible Attacks
In this organization, the major threat agents include insider/employee threat, IP scan and reconnaissance, malicious programs, web browsing, unprotected shares, mass emails, Simple Network Management Protocol (SNMP), forces of nature, acts of human error, technology failure, and deviation in service from providers, as well as obsolete technologies. The possible attacks include Distributed Denial of Service (DDoS), data theft, man-in-the-middle attacks, spoofing, social engineering attacks, and side-channel attacks, as well as buffer overflow and brute force attacks (Post & Kagan, 2017).
Exploitable Vulnerabilities
The exploitable vulnerabilities in this case include service
provider failures, deviation in quality of service, inexperienced
users, default settings, unprotected sharing, unprotected
endpoints, social networking applications, and inappropriate
application downloads and web browsing behavior. Other
vulnerabilities that can be exploited include vendor-portal
access points, access to physical facilities, and unpatched
systems (Pfleeger & Caputo, 2016).
Threat History/Business Impact
Threat History Events | Duration | Business Impact | Threat Resolution
FireEye malware detection system illegally reconfigured | 1 year | Successful injection of malware | Improved administrative controls and policies
Malware installed | 18 months | Theft of information through U.S. servers | Intrusion detection/prevention systems
POS terminal attack | 8 months | Data thefts and financial system sabotage | Chip and PIN security approach
Quality of Service attacks | 10 months | Restricted access to financial systems ordered by managers | Deployment of comprehensive network traffic security controls and network/system segmentation
Risks and Contingencies Matrix
Risk | Probability | Priority | Owner | Countermeasures/Contingencies/Mitigation Approach
Limited user awareness | Likely | Medium | Company | Regular educational and training programs
Emerging threats | Highly likely | High | Company | Vulnerability scanning and external audits
Inappropriate browsing | Highly likely | Medium | Users | Ethical-based and behavior policies, monitoring systems
Vendor failure | Minimal | Medium | Service provider |