Professional Documents
Culture Documents
There are several main items to consider when listing threats and their ability to threaten the
network. These include:
1. The threat such as virus, spyware, worms, computer hack and others.
2. The computer type - This will be one of server, desktop, mainframe, or laptop.
3. The entry method - Describes the transport mechanism the threat used to enter the network
whether it was the DMZ or trusted network. this could be carried physically in, through
email, through a browser such as typical adware or spyware infections, or through a
firewall.
4. The infected Zone - The zone the infected computer was in. It should be noted whether the
infection spread and what zones it spread to, but there is no place in the table for this. If
spreading happened, the item should be stared or numbered with an incident explaination
at the bottom of the sheet.
5. The perceived threat severity
6. How common or often the threat is realized on the network.
7. Occurrences per month. This should be the actual average number of occurrences in the
last 6 to 12 months.
Items to consider:
1. Consider where all systems lie on the network and where traffic is limited between
different areas. Include firewalls and routers along with descriptions or lists of permitted
and disallowed traffic.
2. Consider where the most security violations have occurred both in type such as virus and
the type of computer infected.
1. Consider whether the servers should be in a network zone seperate from the client
computers if client computers are compromised more often, statistically, than other
groups of computers (such as servers in the DMZ).