CIS-217ProjectPart1

pdf

School

Georgia Military College *

*We aren’t endorsed by this school

Course

217

Subject

Computer Science

Date

Dec 6, 2023

Type

pdf

Pages

Uploaded by xpexpert8

1 Project Part 1: A Business Scenario Name Georgia Military College CIS 217-20101 Cyber Information Security Professor Veal October 25, 2023

2 Military College is one of the many colleges located in Georgia that have twelve campuses located throughout the state. Though the larger a community, the more vulnerable that community is to malicious activity. A way to help prevent unwanted activities is by becoming aware of what needs to be looked at to prevent the types of attacks in the first place. This is possible by exploring Georgia Military College’s key assets, associated threats and vulnerabilities, and creating a prioritized list of risks. Georgia Military College is a public educational institution whose biggest hardware asset is the computers that are found on campus. Most of the computers are used by the professors, guidance counselors, other staff found on campus, and students who did not bring their own device. There are computers set up in offices, in study rooms, in computer labs, and in classrooms. These computers, especially those located in the administration and financial aid offices, hold other important assets like thousands of students ’ records, which can range from a student's full name to their Social Security number to their address, financial information that keeps track of bank accounts and financial transaction data, and teacher’s log -in credentials that have access to their classes' gradebooks and lesson plans. Georgia Military College is responsible for keeping these types of assets safe but attainable if a staff member or student needs to access them. Now that the assets of Georgia Military College are known, it becomes easier to look for threats and vulnerabilities that may target these assets. An internet connection is established at all campuses so staff and students can access the internet, emails, print, and access their classes. Having an internet connection open in general will grant some forms of threats and vulnerabilities. A vulnerability is “a flaw or weakness in an asset’s design, implementation, or operation and management that could be exploited by a threat” ( Puzder 2023). Though vulnerabilities themselves are not something that could ruin a business, they could be used as gateway for a threat to enter a system and do some damage. A

3 vulnerability that stems from using the Internet could be a flaw in the software. The computers on campus can also contain vulnerabilities. If an operating system is not updated, there is a vulnerability that has been found but could still be exploited. On the other hand, if an operating system is updated, there is a chance that the update might have undone certain permissions and allow viruses and malware to make changes under the permission of the administrator (GeeksforGeeks 2021). As mentioned before, if there is a vulnerability, then there is a threat waiting to take advantage of this opening. Most threats that are carried out are intentional and malicious while others are simply just an accident, but no less dangerous. One threat that can be viewed as accidental is the weather or a natural disaster. A severe storm can easily take out the servers and sever the connection that users have with their assets leading to hardware or software failure. Students will lose access to their classes, the financial aid office loses access to banking information, and teachers are unable to update their class pages, which relies on Moodle, an external webpage company with its own threats. “This... software makes it easy for teachers to create password-protected Web sites where students can access class information and assignments, take... quizzes, [and] submit papers” (McFarland 2007). An issue that comes from using Moodle is that the school has no authority over anything that happens. This means that with no control, if Moodle were to experience any issues, like the website being shut down due to maintenance or a security compromise on the company’s part, Geogia Military Co llege would be unable to do anything while their information is left to sit on the website until Moodle fixes the issue. A more malicious threat that Georgia Military College, especially the Augusta campus, faces are phishing emails. These emails sent by phishers are set up to offer students a high paying job or to pose as teacher or another student to get information out of the target. Despite Georgia Military College sending out emails to warn students of phishers, the college cannot guarantee that each student reads and listens to email. “Phishers always take the benefit of

Your preview ends here

Eager to read complete document? Join bartleby learn and gain access to the full version

Access to all documents
Unlimited textbook solutions
24/7 expert homework help

4 human factors that generally ignore the critical warning messages” which leads to phishing emails being considered a threat (Gupta 2018). Another threat that falls to the user is dictionary password attacks. By relying on poorly created passwords, someone with ill intentions can suddenly gain access to the account they logged in on. Luckily, the college has a two-step verification process when logging in to make this attack harder to complete. It is impossible to have no risks, so it is good practice to be aware of the risks that come with a college. Mentioned earlier, one of the assets that Georgia Military College has is the important data that the college is required to keep. With any business that collects data, there is a risk of a data breech. Another risk comes from computers that are on campus for student use. Students can use these computers to access unsafe websites, whether on purpose or not, and a virus can begin to spread. A final risk that will be discussed is that Georgia Military College has a BYOD option. Students are more than welcome to bring their own devices to do schoolwork where the only restriction is that the student needs to have access to Microsoft products. Immediately, the school is not able to limit what websites the students get on or monitor what the students are doing on their device. A malicious user could easily go under the radar while taking advantage of the internet that is provided and the acceptance of BYOD to campus. Being aware of the vulnerabilities, threats, and risks that are focused on Georgia Military College, make it more eye-opening to see the malicious activities that can happen in a college setting alone. By protecting the assets that are in the college’s possession, it is important to come to terms that malicious activity is possible and can happen whenever the attacker likes. Whether these actions are meant to do harm or are unintentional, being aware of what could happen is the better option.

5 Reference GeeksforGeeks. (2021, December 16). Difference between threat vulnerability and risk in computer network. https://www.geeksforgeeks.org/difference-between-threat- vulnerability-and-risk-in-computer-network/ Gupta, B. B., Arachchilage, N. A. G., & Psannis, K. E. (2018). Defending against phishing attacks: taxonomy of methods, current issues and future directions. Telecommunication Systems, 67(2), 247-267. https://doi.org/10.1007/s11235-017-0334-z McFarland, S. S. (2007). Back to (Virtual) School. Macworld , 24 (8), 71. https://web.p.ebscohost.com/ehost/detail/detail?vid=6&sid=28f79f79-e84c-46e3-9953- 9f02a7912786%40redis&bdata=JkF1dGhUeXBlPWlwLHNoaWImc2l0ZT1laG9zdC1sa XZlJnNjb3BlPXNpdGU%3d#AN=25695466&db=bth Puzder, D. (2023, April 27). Vulnerabilities, threats, and risks explained | Office of Information Security | Washington University in St. Louis . https://informationsecurity.wustl.edu/vulnerabilities-threats-and-risks-explained/

Related Documents

FD_practice.pdf

FD_practice_key_part1.pdf

IT234_Jose Gonzalez_Unit6.docx

Midterm Marketing Project Instructions_V1 (2).docx

[Lab-Pentest] Metasploit RAT.docx

Practice Q&A Questions.pdf

Assignment 5 - Jonatan.pdf

CIS-217ProjectPart3.pdf

Discussion 7 post.docx

CIS-217ProjectPart2.pdf

F23_HW6_arule_student.docx

6.2.11 Practice Questions.pdf

Recommended textbooks for you

Fundamentals of Information Systems

Computer Science

ISBN:9781337097536

Author:Ralph Stair, George Reynolds

Publisher:Cengage Learning

Principles of Information Systems (MindTap Course...

Computer Science

ISBN:9781305971776

Author:Ralph Stair, George Reynolds

Publisher:Cengage Learning

Management Of Information Security

Computer Science

ISBN:9781337405713

Author:WHITMAN, Michael.

Publisher:Cengage Learning,

Principles of Information Security (MindTap Cours...

Computer Science

ISBN:9781337102063

Author:Michael E. Whitman, Herbert J. Mattord

Publisher:Cengage Learning

Principles of Information Systems (MindTap Course...

Computer Science

ISBN:9781285867168

Author:Ralph Stair, George Reynolds

Publisher:Cengage Learning

Fundamentals of Information Systems

Computer Science

ISBN:9781305082168

Author:Ralph Stair, George Reynolds

Publisher:Cengage Learning

SEE MORE TEXTBOOKS

Recommended textbooks for you

Fundamentals of Information Systems
Computer Science
ISBN:9781337097536
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
Principles of Information Systems (MindTap Course...
Computer Science
ISBN:9781305971776
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
Management Of Information Security
Computer Science
ISBN:9781337405713
Author:WHITMAN, Michael.
Publisher:Cengage Learning,
Principles of Information Security (MindTap Cours...
Computer Science
ISBN:9781337102063
Author:Michael E. Whitman, Herbert J. Mattord
Publisher:Cengage Learning
Principles of Information Systems (MindTap Course...
Computer Science
ISBN:9781285867168
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
Fundamentals of Information Systems
Computer Science
ISBN:9781305082168
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning